Friday, July 27, 2007

Security Update : BIND

Slackware security team has released an update to BIND package to fix security vulnerability that affect several version of BIND. In this release, Pat and his team release an update for Slackware 8.1 and above (until 12.0). What an effort to support Slackware 8.1 up to now not worthy

Here's the changelog for the stable tree:

Thu Jul 26 15:51:42 CDT 2007
Upgraded to bind-9.4.1_P1 to fix security issues.
The default access control lists allow remote attackers to make recursive queries in BIND9 versions 9.4.0 through 9.4.1.
The query IDs in BIND9 prior to BIND 9.4.1-P1 are cryptographically weak.
For more information on these issues, see:
(* Security fix *)