In the light of yesterday’s large coordinated release of DNS related updates to various products, I would like to point you to the updated bind packages in the portage tree.
- net-dns/bind-9.4.2_p1 is currently being marked stable on all supported architectures
- net-dns/bind-9.5.0_p1 has been committed with unstable keywords
Nameservers should be updated quite soon, since this issue should be considered serious.
A GLSA will be published after all security architectures have marked the affected package stable. The progress can be followed in bug #231201.
For more information have a look at the following links and the references therein:
Also note that if you are restricting the used outgoing ports of your nameserver by a firewall for example, this policy should be revisited.
Update 2008-07-11:
GLSA 200807-08 has just been released to address this issue.
One Trackback
[...] Matthias Geerdsen: Serious DNS vulnerabilities - update for bind http://blog.vorlons.info/archives/2008/07/09/174/ - bookmarked by 4 members originally found by ertb on July 10, 2008 [...]