what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2011-176-2

Mandriva Linux Security Advisory 2011-176-2
Posted Nov 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-176 - A vulnerability was discovered and corrected in bind. Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory had wrong release numbers effectively preventing installation without excessive force due previous packaging mistakes. This advisory provides corrected packages to address the problem.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-4313
SHA-256 | ccd137aa0b24aef21172472dc46e7a951f9dd172c796924eb97f853d35de3735

Mandriva Linux Security Advisory 2011-176-2

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:176-2
http://www.mandriva.com/security/
_______________________________________________________________________

Package : bind
Date : November 18, 2011
Affected: 2010.1, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and corrected in bind:

Cache lookup could return RRSIG data associated with nonexistent
records, leading to an assertion failure. [ISC RT #26590]
(CVE-2011-4313).

The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1
which is not vulnerable to this issue.

Update:

Packages provided for Mandriva Enterprise Server 5.2 and Mandriva
Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory
had wrong release numbers effectively preventing installation without
excessive force due previous packaging mistakes. This advisory provides
corrected packages to address the problem.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313
http://www.isc.org/software/bind/advisories/cve-2011-4313
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
f39bf36a6c1338c67750fdc06e6c9938 2010.1/i586/bind-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
18ddb3de45d1803f42690d29f193ad51 2010.1/i586/bind-devel-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
44a8b036db1c7658f40c6c29ca94a9b2 2010.1/i586/bind-doc-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
f65351bd5fa6fc2e71e6985613f30a13 2010.1/i586/bind-utils-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
77c232d55313bc0758a26ec95e1f2462 2010.1/SRPMS/bind-9.7.4-0.1.P1.1.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
921dc324393e6b72ec9af179636843a4 2010.1/x86_64/bind-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
738901860b2e5a878338086e06ab62f7 2010.1/x86_64/bind-devel-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
2091b711bf18faec158f2be894d3deed 2010.1/x86_64/bind-doc-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
30da2bada8620c4f7e59db23924da8ee 2010.1/x86_64/bind-utils-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
77c232d55313bc0758a26ec95e1f2462 2010.1/SRPMS/bind-9.7.4-0.1.P1.1.1mdv2010.2.src.rpm

Mandriva Enterprise Server 5:
73d2fef181508b237fc0d74a18c9fc4a mes5/i586/bind-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
ffe081e6ec682e94c1578d4f4c3f5afc mes5/i586/bind-devel-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
8aa53e66aaac5813521c637f300690aa mes5/i586/bind-doc-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
80adc93320f5aaabc031252a8e74a494 mes5/i586/bind-utils-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
6e7372177265cf8aba76855f8577f333 mes5/SRPMS/bind-9.7.4-0.1.P1.1.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
81f88df7104598d1cecfaf07c20e539e mes5/x86_64/bind-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
e148d06c5e27c014974361a88bf6b66f mes5/x86_64/bind-devel-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
0deff4d64a7a0cfc2542d9a6a4539e8b mes5/x86_64/bind-doc-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
771f3758a10b8ef8c4a01ceaa6c6e4bc mes5/x86_64/bind-utils-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
6e7372177265cf8aba76855f8577f333 mes5/SRPMS/bind-9.7.4-0.1.P1.1.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOxkXwmqjQ0CJFipgRAp3YAJ0Xo94vNtFUfsTHI8kbQotHKJ5JFwCggLXg
w7F+KMFHmoO0i3407rWefGI=
=L8A3
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close