![[LWN Logo]](/images/lcorner.png) |
|
![[Timeline]](/images/Included.png) |
Date: Tue, 30 Jan 2001 19:52:18 -0700 (MST)
From: Dan Burcaw <dburcaw@terraplex.com>
To: yellowdog-updates@lists.yellowdoglinux.com
Subject: [yellowdog-updates] Yellow Dog Linux Security Advisory: YDU-20010130-1
(Listmaster note: updates will start hitting mirrors shortly...)
Yellow Dog Linux Security Announcement
--------------------------------------
Package: bind
Issue Date: January 30, 2000
Update Date: January 30, 2000
Priority: high
Advisory ID: YDU-20010130-1
1. Topic:
Security vulnerabilities have been discovered in bind.
2. Problem:
Several problems, including a remoteley exploitable hole,
were found in bind, the DNS server that ships
with Yellow Dog Linux.
3. Solution:
a) Updating via yup...
We suggest that you use the Yellow Dog Update Program (yup)
to keep your system up-to-date. The following command(s) will
automatically retrieve and install the fixed version of
bind onto your system:
yup update bind
yup update bind-utils
yup update bind-devel # This rpm isn't necessary in
most cases
b) Updating manually...
The update can also be retrieved manually from our ftp site
below along with the rpm command that should be used to install
the update.
ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.2/ppc/RPMS/
bind-8.2.3-1.ppc.rpm
bind-utils-8.2.3-1.ppc.rpm
bind-devel-8.2.3-1.ppc.rpm
rpm -Fvh *-8.2.3-1.ppc.rpm
4. Verification
MD5 checksum Package
-------------------------------- ----------------------------
c57dcdad9d07ba5fa9b72f905a730b6b RPMS/bind-8.2.3-1.ppc.rpm
18a5a4cb062ba7a89236b5e878d501de RPMS/bind-devel-8.2.3-1.ppc.rpm
9a1273286da190829efb3cfb059469e6 RPMS/bind-utils-8.2.3-1.ppc.rpm
5c3ec56f0253d60198b8aa1379fdab20 SRPMS/bind-8.2.3-1.src.rpm
If you wish to verify that each package has not been corrupted or tampered with,
examine the md5sum with the following command: rpm --checksig --nogpg filename
5. Misc.
Terra Soft has setup a moderated mailing list where these security, bugfix, and package
enhancement announcements will be posted. See http://lists.yellowdoglinux.com/ for more
information.
For information regarding the usage of yup, the Yellow Dog Update Program, see
http://devel.yellowdoglinux.com/rp_yup.shtml