Update to 9.3.4-P1, which fixes the following:

The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.

This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.

All users are encouraged to upgrade.

See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926

1 files changed, 6 insertions, 6 deletions

diff --git a/dns/bind9/distinfo b/dns/bind9/distinfo
index 8670fdffc30e..c0a896368249 100644
--- a/dns/bind9/distinfo
+++ b/dns/bind9/distinfo
@@ -1,6 +1,6 @@
-MD5 (bind-9.3.4.tar.gz) = df5417e7e7cf017fa28b65d0a3d6e999
-SHA256 (bind-9.3.4.tar.gz) = 40152026af715b15ac958f374394e5189a099b562eb913470ccc43f6fbd19c21
-SIZE (bind-9.3.4.tar.gz) = 5405022
-MD5 (bind-9.3.4.tar.gz.asc) = ee4dd1a52b6285627cd33f16cfbb194f
-SHA256 (bind-9.3.4.tar.gz.asc) = 33440701c93495c58cf0b696f19ea767f3d23d7f9e655e7bd41345438081b189
-SIZE (bind-9.3.4.tar.gz.asc) = 479
+MD5 (bind-9.3.4-P1.tar.gz) = 51007c8f185cd5a9b2e57f70073bf25b
+SHA256 (bind-9.3.4-P1.tar.gz) = f5cf38954e9b973cda204ff13cfd6d433ac307a8e5c4e7f6d978483becda842c
+SIZE (bind-9.3.4-P1.tar.gz) = 5411370
+MD5 (bind-9.3.4-P1.tar.gz.asc) = 70498463dd86541efab8bcf6349c7f4c
+SHA256 (bind-9.3.4-P1.tar.gz.asc) = aca659a7d70486617a8a74d64a96b259368075133a5788671b435fd69aa2df28
+SIZE (bind-9.3.4-P1.tar.gz.asc) = 478