patches/packages/bind-9.3.5_P1-i486-1_slack10.1.tgz:
Upgraded to bind-9.3.5-P1.
This upgrade addresses a security flaw known as the CERT VU#800113
DNS Cache
Poisoning Issue. This is the summary of the problem from the BIND site:
“A weakness in the
DNS protocol may enable the poisoning of caching
recurive resolvers with spoofed data. DNSSEC is the only full solution.
New versions of BIND provide increased resilience to the attack.”
It is suggested that sites that run BIND upgrade to one of the new packages
in order to reduce their exposure to
DNS cache poisoning attacks.
For more information, see:
http://www.isc.org/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/800113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
(* Security fix *)