Mandrake: bind vulnerability
Posted by LinuxSecurity.com Team   
Mandrake This updates bind to run as a normal user instead of root.
-------------------------------------

   Linux-Mandrake Security Update

-------------------------------------

Package: bind

Affected versions: 6.1 7.0

Problem: By default bind is launched as user and group root. This
setting can give the possibility to easily exploit vulnerabities in
bind. Thanks to Nicolas MONNET  for his
contribution.

Please upgrade to:

md5sum: 185c51a554cd1c2fedf42f002ba8f01f  
package: 6.1/RPMS/bind-8.2.2P5-6mdk.i586.rpm

md5sum: 39757dd3b1157685a486fc2c7afe2855  
package:6.1/RPMS/bind-devel-8.2.2P5-6mdk.i586.rpm

md5sum: 507e45161ec6f9cbfb17dcf06d0831f0  
package:6.1/RPMS/bind-utils-8.2.2P5-6mdk.i586.rpm

md5sum: eeffc6a7d2c7813931a2bbcb8da05a79  
source: 6.1/SRPMS/bind-8.2.2P5-6mdk.src.rpm

md5sum: 95ccd87693c8e3c870f1bccd2842489b  
package:7.0/RPMS/bind-8.2.2P5-6mdk.i586.rpm

md5sum: 31a1b33c3cf2013ea14ac1d0432a2785  
package:7.0/RPMS/bind-devel-8.2.2P5-6mdk.i586.rpm

md5sum: ce92d5be31c4675e5ec21e4a76815633  
package:7.0/RPMS/bind-utils-8.2.2P5-6mdk.i586.rpm

md5sum: eeffc6a7d2c7813931a2bbcb8da05a79  
source: 7.0/SRPMS/bind-8.2.2P5-6mdk.src.rpm

To upgrade automatically, use « MandrakeUpdate ». If you want to
upgrade manually, download the updated package from one of our FTP
server mirrors and uprade with "rpm -Uvh package_name". All mirrors
are listed on http://www.mandrake.com/en/ftp.php3 Updated packages are
available in the "updates/" directory.

For example, if you are looking for an updated RPM package for
Mandrake 7.0, look for it in: updates/7.0/RPMS/

Note: we give the md5 sum for each package. It lets you check the
integrity of the downloaded package by running the md5sum command on
the package ("md5sum package.rpm").