From e8c5f493c1259d585f8b3b7ebb0e1dfdf3a6b2f5 Mon Sep 17 00:00:00 2001 From: Doug Barton Date: Tue, 24 Jul 2007 22:00:03 +0000 Subject: Update to 9.3.4-P1, which fixes the following: The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of guessing the next query id for 50% of the query ids. This can be used to perform cache poisoning by an attacker. This bug only affects outgoing queries, generated by BIND 9 to answer questions as a resolver, or when it is looking up data for internal uses, such as when sending NOTIFYs to slave name servers. All users are encouraged to upgrade. See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 --- dns/bind9/distinfo | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'dns/bind9/distinfo') diff --git a/dns/bind9/distinfo b/dns/bind9/distinfo index 8670fdffc30e..c0a896368249 100644 --- a/dns/bind9/distinfo +++ b/dns/bind9/distinfo @@ -1,6 +1,6 @@ -MD5 (bind-9.3.4.tar.gz) = df5417e7e7cf017fa28b65d0a3d6e999 -SHA256 (bind-9.3.4.tar.gz) = 40152026af715b15ac958f374394e5189a099b562eb913470ccc43f6fbd19c21 -SIZE (bind-9.3.4.tar.gz) = 5405022 -MD5 (bind-9.3.4.tar.gz.asc) = ee4dd1a52b6285627cd33f16cfbb194f -SHA256 (bind-9.3.4.tar.gz.asc) = 33440701c93495c58cf0b696f19ea767f3d23d7f9e655e7bd41345438081b189 -SIZE (bind-9.3.4.tar.gz.asc) = 479 +MD5 (bind-9.3.4-P1.tar.gz) = 51007c8f185cd5a9b2e57f70073bf25b +SHA256 (bind-9.3.4-P1.tar.gz) = f5cf38954e9b973cda204ff13cfd6d433ac307a8e5c4e7f6d978483becda842c +SIZE (bind-9.3.4-P1.tar.gz) = 5411370 +MD5 (bind-9.3.4-P1.tar.gz.asc) = 70498463dd86541efab8bcf6349c7f4c +SHA256 (bind-9.3.4-P1.tar.gz.asc) = aca659a7d70486617a8a74d64a96b259368075133a5788671b435fd69aa2df28 +SIZE (bind-9.3.4-P1.tar.gz.asc) = 478 -- cgit v1.2.3