Thursday, December 3, 2009

Security Update: BIND

BIND has (again) been patched to fix a security vulnerability. Along with this security update, some other packages have been upgraded as well. Have a look at the -Current changelog below for more detailed information:
Wed Dec 2 20:51:55 UTC 2009
a/xz-4.999.9beta-i486-1.tgz: Upgraded.

ap/rpm-4.7.2-i486-1.txz: Upgraded.

ap/sudo-1.6.8p12-i486-2.txz: Rebuilt.
Added --with-env-editor to ./configure flags so that users can do this:
VISUAL=/usr/bin/pico visudo
OR
EDITOR=/usr/bin/pico visudo
d/ruby-1.9.1_p243-i486-1.txz: Upgraded.

kde/koffice-2.1.0-i486-1.txz: Upgraded.
Note that there's a _really_ ugly patch that was used to make this compile, otherwise it fails with this error:
kis_jpeg_source.cpp:(.text+0x79): undefined reference to `jpeg_resync_to_restart(jpeg_decompress_struct*, int)'
I would welcome any hints about how to compile koffice without this patch.

kdei/koffice-l10n-*: Upgraded.

n/bind-9.4.3_P4-i486-1.txz: Upgraded.
BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://www.kb.cert.org/vuls/id/418861
(* Security fix *)

n/proftpd-1.3.2b-i486-1.txz: Upgraded.

n/tcpdump-4.0.0-i486-2.txz: Rebuilt.
Patched to fix '-i any'. Thanks to Laurence Darby and Kanedaaa Bohater for the bug report.
Added shared libpcap (and .so.0 compatibility symlink).
Thanks to Niels Horn for suggesting this, and testing compatibility with programs that expect libpcap.so.0.

xap/sane-1.0.20-i486-1.txz: Upgraded.