Pardus: 2011-100: Bind: Denial of Service

Posted by Benjamin D. Thomas
A vulnerability has been fixed in bind.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2011-100           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2011-08-03
      Type: Remote
------------------------------------------------------------------------

Summary
======
A vulnerability has been fixed in bind.


Description
==========
CVE-2011-2464:

Unspecified vulnerability in ISC BIND  9  9.6.x  before  9.6-ESV-R4-P3,
9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers
to cause a denial of service (named daemon crash) via a crafted  UPDATE
request.







Affected packages:

  Pardus 2009:
    bind, all before 9.7.3-29-9
    bind-tools, all before 9.7.3-29-9

  Pardus 2011:
    bind, all before 9.7.3-31-p11
    bind-tools, all before 9.7.3-31-p11



Resolution
=========
There are update(s) for bind,  bind-tools.  You  can  update  them  via
Package Manager or with a single command from console:

  Pardus 2009:
    pisi up bind bind-tools

  Pardus 2011:
    pisi up bind bind-tools


References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id612

------------------------------------------------------------------------