Serious DNS vulnerabilities – update for bind available

In the light of yesterday’s large coordinated release of DNS related updates to various products, I would like to point you to the updated bind packages in the portage tree.

  • net-dns/bind-9.4.2_p1 is currently being marked stable on all supported architectures
  • net-dns/bind-9.5.0_p1 has been committed with unstable keywords

Nameservers should be updated quite soon, since this issue should be considered serious.

A GLSA will be published after all security architectures have marked the affected package stable. The progress can be followed in bug #231201.

For more information have a look at the following links and the references therein:

Also note that if you are restricting the used outgoing ports of your nameserver by a firewall for example, this policy should be revisited.

Update 2008-07-11:
GLSA 200807-08 has just been released to address this issue.

One Reply to “Serious DNS vulnerabilities – update for bind available”

Leave a Reply

Your email address will not be published.