[yellowdog-updates] Yellow Dog Linux Security Advisory: YDU-20010130-1

Subject: [yellowdog-updates] Yellow Dog Linux Security Advisory: YDU-20010130-1
From: Dan Burcaw (dburcaw@terraplex.com)
Date: Tue Jan 30 2001 - 19:52:18 MST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

(Listmaster note: updates will start hitting mirrors shortly...)

Yellow Dog Linux Security Announcement
--------------------------------------

Package: bind
Issue Date: January 30, 2000
Update Date: January 30, 2000
Priority: high
Advisory ID: YDU-20010130-1

1. Topic:

   Security vulnerabilities have been discovered in bind.
 

2. Problem:

   Several problems, including a remoteley exploitable hole,
   were found in bind, the DNS server that ships
   with Yellow Dog Linux.

3. Solution:

   a) Updating via yup...
   We suggest that you use the Yellow Dog Update Program (yup)
   to keep your system up-to-date. The following command(s) will
   automatically retrieve and install the fixed version of
   bind onto your system:

           yup update bind
           yup update bind-utils
        yup update bind-devel # This rpm isn't necessary in
                                    most cases

   b) Updating manually...
   The update can also be retrieved manually from our ftp site
   below along with the rpm command that should be used to install
   the update.

   ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/champion-1.2/ppc/RPMS/
   bind-8.2.3-1.ppc.rpm
   bind-utils-8.2.3-1.ppc.rpm
   bind-devel-8.2.3-1.ppc.rpm

        rpm -Fvh *-8.2.3-1.ppc.rpm

4. Verification

MD5 checksum Package
-------------------------------- ----------------------------
c57dcdad9d07ba5fa9b72f905a730b6b RPMS/bind-8.2.3-1.ppc.rpm
18a5a4cb062ba7a89236b5e878d501de RPMS/bind-devel-8.2.3-1.ppc.rpm
9a1273286da190829efb3cfb059469e6 RPMS/bind-utils-8.2.3-1.ppc.rpm
5c3ec56f0253d60198b8aa1379fdab20 SRPMS/bind-8.2.3-1.src.rpm

If you wish to verify that each package has not been corrupted or tampered with,
examine the md5sum with the following command: rpm --checksig --nogpg filename

5. Misc.

Terra Soft has setup a moderated mailing list where these security, bugfix, and package
enhancement announcements will be posted. See http://lists.yellowdoglinux.com/ for more
information.

For information regarding the usage of yup, the Yellow Dog Update Program, see
http://devel.yellowdoglinux.com/rp_yup.shtml

This archive was generated by hypermail 2a24 : Tue Jan 30 2001 - 20:01:08 MST