Mandriva has issued an advisory today (October 10): http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:162 Updated packages uploaded for Mageia 1 and Mageia 2. Advisory: ======================== Updated bind packages fix security vulnerability: A certain combination of records in the RBT could cause named to hang while populating the additional section of a response. (CVE-2012-5166). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166 ftp://ftp.isc.org/isc/bind/9.8.3-P4/CHANGES ftp://ftp.isc.org/isc/bind/9.9.1-P4/CHANGES ftp://ftp.isc.org/isc/bind9/9.8.3-P4/RELEASE-NOTES-BIND-9.8.3-P4.txt ftp://ftp.isc.org/isc/bind9/9.9.1-P4/RELEASE-NOTES-BIND-9.9.1-P4.txt https://kb.isc.org/article/AA-00801 http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:162 ======================== Updated packages in core/updates_testing: ======================== bind-9.8.3P4-1.mga1 bind-utils-9.8.3P4-1.mga1 bind-devel-9.8.3P4-1.mga1 bind-doc-9.8.3P4-1.mga1 bind-9.9.1.P4-1.mga2 bind-sdb-9.9.1.P4-1.mga2 bind-utils-9.9.1.P4-1.mga2 bind-devel-9.9.1.P4-1.mga2 bind-doc-9.9.1.P4-1.mga2 from SRPMS: bind-9.8.3P4-1.mga1.src.rpm bind-9.9.1.P4-1.mga2.src.rpm
Blocks: (none) => 7540Whiteboard: (none) => MGA1TOO
URL: (none) => http://lwn.net/Vulnerabilities/519152/
Testing complete Mageia 1 and 2, i586 and x86-64. Just testing that host and dig work at 127.0.0.1 Could someone from the sysadmin team push the srpm bind-9.9.1.P4-1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm bind-9.8.3P4-1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates Advisory: Updated bind packages fix security vulnerability: A certain combination of records in the RBT could cause named to hang while populating the additional section of a response. (CVE-2012-5166). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166 ftp://ftp.isc.org/isc/bind/9.8.3-P4/CHANGES ftp://ftp.isc.org/isc/bind/9.9.1-P4/CHANGES ftp://ftp.isc.org/isc/bind9/9.8.3-P4/RELEASE-NOTES-BIND-9.8.3-P4.txt ftp://ftp.isc.org/isc/bind9/9.9.1-P4/RELEASE-NOTES-BIND-9.9.1-P4.txt https://kb.isc.org/article/AA-00801 http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:162 https://bugs.mageia.org/show_bug.cgi?id=7762
Keywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugsWhiteboard: MGA1TOO => MGA1TOO MGA2-64-OK MGA2-32-OK MGA1-64-OK MGA1-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0287
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED