Vorlon's Blog » DNS http://blog.vorlons.info Science, Life, Computers, ... who knows what will end up in here... Mon, 12 Oct 2009 15:35:11 +0000 en hourly 1 Serious DNS vulnerabilities – update for bind available http://blog.vorlons.info/archives/2008/07/09/174/ http://blog.vorlons.info/archives/2008/07/09/174/#comments Wed, 09 Jul 2008 09:24:28 +0000 vorlon http://blog.vorlons.info/?p=174 In the light of yesterday’s large coordinated release of DNS related updates to various products, I would like to point you to the updated bind packages in the portage tree.

  • net-dns/bind-9.4.2_p1 is currently being marked stable on all supported architectures
  • net-dns/bind-9.5.0_p1 has been committed with unstable keywords

Nameservers should be updated quite soon, since this issue should be considered serious.

A GLSA will be published after all security architectures have marked the affected package stable. The progress can be followed in bug #231201.

For more information have a look at the following links and the references therein:

Also note that if you are restricting the used outgoing ports of your nameserver by a firewall for example, this policy should be revisited.

Update 2008-07-11:
GLSA 200807-08 has just been released to address this issue.

]]> http://blog.vorlons.info/archives/2008/07/09/174/feed/ 1