Uočena su i ispravljena dva sigurnosna propusta programskog paketa BIND koje udaljeni napadač može iskoristiti za otkrivanje osjetljivih informacija te izvođenje DoS i "ghost domain names" napada.
Paket:
BIND 9.7.x
Operacijski sustavi:
CentOS
Problem:
neodgovarajuće rukovanje datotekama, pogreška u programskoj komponenti
CentOS Errata and Security Advisory 2012:0716 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0716.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
081b3e564fa77e8042355bf02848a1384b8321391e19d11d1348a8c3b220a72d
bind-9.7.3-8.P3.el6_2.3.i686.rpm
bac48abad13d32c664a68e8730558e65a2ed280d732fc6db37109efa502a7a0f
bind-chroot-9.7.3-8.P3.el6_2.3.i686.rpm
2d2debcbb81feac2ca95aed1dd8d0d138ac1ec65cc752b4a3c020f17e6601938
bind-devel-9.7.3-8.P3.el6_2.3.i686.rpm
b450fbefc48d5c6fe9e624fb54f5df46b03e02a9eb69da2cc019e6d00e160600
bind-libs-9.7.3-8.P3.el6_2.3.i686.rpm
48917fd1680a3ce07a2e5760f1d2eee9335301c1c86884b5a65dccc052bf53c8
bind-sdb-9.7.3-8.P3.el6_2.3.i686.rpm
342be62081582d5538ef6c7f74d5a7239be2eb293e6780e79872be28cdd1ce05
bind-utils-9.7.3-8.P3.el6_2.3.i686.rpm
x86_64:
7e36254c2830868c4555ad564a25b562f48548ecf9b952beefa4354bb05c02f3
bind-9.7.3-8.P3.el6_2.3.x86_64.rpm
c6a565e300c2359090febca013f6240435d28976acf8e33685f7a15cca255100
bind-chroot-9.7.3-8.P3.el6_2.3.x86_64.rpm
2d2debcbb81feac2ca95aed1dd8d0d138ac1ec65cc752b4a3c020f17e6601938
bind-devel-9.7.3-8.P3.el6_2.3.i686.rpm
1cb45a52030eff6da500e0716c0d0e1860b40b2d5a8b1f5fc5f252ed92bbf101
bind-devel-9.7.3-8.P3.el6_2.3.x86_64.rpm
b450fbefc48d5c6fe9e624fb54f5df46b03e02a9eb69da2cc019e6d00e160600
bind-libs-9.7.3-8.P3.el6_2.3.i686.rpm
1d394744ea456c996cbbb4e8edf5742b67bccc36e376d2ae10df2277412f0faa
bind-libs-9.7.3-8.P3.el6_2.3.x86_64.rpm
4513cb91c85a818b1a1719ef4141559102a1eeea29c8294c615ef3196cded645
bind-sdb-9.7.3-8.P3.el6_2.3.x86_64.rpm
3d4739b13cf9b6993e52ffed100be8086571940369f3203ca2c88cd52caf2c2f
bind-utils-9.7.3-8.P3.el6_2.3.x86_64.rpm
Source:
387212f6401f4d14939be846fdae6d898cc80f65a74044ebf893265a08228b31
bind-9.7.3-8.P3.el6_2.3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2012:0717 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0717.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
2b9b6c83fc41075777d1571201e7a1c88eb44a3a137b19b10d5891c731e18d3d
bind97-9.7.0-10.P2.el5_8.1.i386.rpm
9cd7c8ef84dd48ecbfa497c7cc9a5b18852f4c06d246bf5937db6bd53271db4d
bind97-chroot-9.7.0-10.P2.el5_8.1.i386.rpm
c231140964ec0ab35407d6eeb2887c2b0096460bec68d2ce15772acdc7d66932
bind97-devel-9.7.0-10.P2.el5_8.1.i386.rpm
a7447f529de7315ead9a05983d355be900d83870f143fbdcb712ec0a0e30813e
bind97-libs-9.7.0-10.P2.el5_8.1.i386.rpm
f2a40630eda6b048fdad3cc3a4358456eb37ab613ece602014b04c0a891c8ac8
bind97-utils-9.7.0-10.P2.el5_8.1.i386.rpm
x86_64:
1d1a3f2e1006da35bcce3a8ddfe2b2e0ef4358b935602610091859d4623a8450
bind97-9.7.0-10.P2.el5_8.1.x86_64.rpm
6438ee28377db46dd744c013d909aacee1a7bd58677aa88d430ec42371505ff2
bind97-chroot-9.7.0-10.P2.el5_8.1.x86_64.rpm
c231140964ec0ab35407d6eeb2887c2b0096460bec68d2ce15772acdc7d66932
bind97-devel-9.7.0-10.P2.el5_8.1.i386.rpm
bcab3bed2e2be8cf33554db1d8d6a7090af0bb6e6092f56e6bfb758ff17451ef
bind97-devel-9.7.0-10.P2.el5_8.1.x86_64.rpm
a7447f529de7315ead9a05983d355be900d83870f143fbdcb712ec0a0e30813e
bind97-libs-9.7.0-10.P2.el5_8.1.i386.rpm
2cf8f66d57a2bafd3ce19445e915347a3b5965c0141e676ec99eca4c2c3007fe
bind97-libs-9.7.0-10.P2.el5_8.1.x86_64.rpm
521102f0597bfc5cf47b2d0ece9ce5478ad387f773392cbc3a7870840df65624
bind97-utils-9.7.0-10.P2.el5_8.1.x86_64.rpm
Source:
ac9d2233f649da230376ddb9a0cd226f35dbfa2f9a411c7d000c7dbbe859dfca
bind97-9.7.0-10.P2.el5_8.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
CentOS Errata and Security Advisory 2012:0716 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0716.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
e77741388e628e6f5d5ef07c11e999b58d51f3554594d2551da58a57d5d189e8
bind-9.3.6-20.P1.el5_8.1.i386.rpm
9544267342a5aabb7714607bc7979e55bcb61cc561f4136b725b5c56adcb2614
bind-chroot-9.3.6-20.P1.el5_8.1.i386.rpm
72c8171cab0a3d0c18d1981eb8403469a9ef999945265321bfc1d662098fcb65
bind-devel-9.3.6-20.P1.el5_8.1.i386.rpm
0fa7194e0eee3fe17a0bd9d5d9e4beb16a9bbb1b244454773729a90810cb381d
bind-libbind-devel-9.3.6-20.P1.el5_8.1.i386.rpm
5e33cf76249fdef29735f2f37890136c9d9cb525d28230e73a0f6f4b21cce958
bind-libs-9.3.6-20.P1.el5_8.1.i386.rpm
6b8ee07523c01ee8fc9813390fe118982ef4c89de94c50e192995404b1de9081
bind-sdb-9.3.6-20.P1.el5_8.1.i386.rpm
7875d70c531bb1c28b5a374a0b3609a9fa38043c919206cd2fe6343bfadf61be
bind-utils-9.3.6-20.P1.el5_8.1.i386.rpm
1e9ff807dea89f7718a655df290e5f3e25b2fd40e351593ff5a46c4ac6bea870
caching-nameserver-9.3.6-20.P1.el5_8.1.i386.rpm
x86_64:
8280005de8fd86901d2e779f3991c80854a26e69359f35f94eb55dc84fee39b2
bind-9.3.6-20.P1.el5_8.1.x86_64.rpm
9509c40f89c9f4e08df2ce205eb433078f880b21167da36770cabbb941f54724
bind-chroot-9.3.6-20.P1.el5_8.1.x86_64.rpm
72c8171cab0a3d0c18d1981eb8403469a9ef999945265321bfc1d662098fcb65
bind-devel-9.3.6-20.P1.el5_8.1.i386.rpm
ce6fe0b2bcd7332a66ed2a84ce810562eaa454a0cd4d6fcaf6492aab992d3244
bind-devel-9.3.6-20.P1.el5_8.1.x86_64.rpm
0fa7194e0eee3fe17a0bd9d5d9e4beb16a9bbb1b244454773729a90810cb381d
bind-libbind-devel-9.3.6-20.P1.el5_8.1.i386.rpm
4cd6e54330bcafef627f62ea30efbca7e10cf668e096b4f4c62f242cb1abf18c
bind-libbind-devel-9.3.6-20.P1.el5_8.1.x86_64.rpm
5e33cf76249fdef29735f2f37890136c9d9cb525d28230e73a0f6f4b21cce958
bind-libs-9.3.6-20.P1.el5_8.1.i386.rpm
4a5ac3dae1ac63722f2a65686be8ac966a30de69ef74d76c2696297b95b040ac
bind-libs-9.3.6-20.P1.el5_8.1.x86_64.rpm
a07f61dc78e390c8cc709c1ac56cdd797657ffc9916d3e98d3b287c53b55fc6f
bind-sdb-9.3.6-20.P1.el5_8.1.x86_64.rpm
8b22daca4e19d687432094fe9caf81b8d8203b362289f81cb8c59d3b49a0c8f2
bind-utils-9.3.6-20.P1.el5_8.1.x86_64.rpm
965cdee27c7a5b4aa3623ebef96dfb09db035b8e99063ff2c38ebabb69f4901d
caching-nameserver-9.3.6-20.P1.el5_8.1.x86_64.rpm
Source:
02788f487ba600dbb39ac972a6383ebf4136678ff8896fc77b46e01af7aeac69
bind-9.3.6-20.P1.el5_8.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
Posljednje sigurnosne preporuke