Slackware-10.0 ChangeLog (2008-07-10)

Wed Jul 9 20:03:57 CDT 2008

patches/packages/bind-9.3.5_P1-i486-1_slack10.0.tgz:
Upgraded to bind-9.3.5-P1.
This upgrade addresses a security flaw known as the CERT VU#800113 DNS Cache
Poisoning Issue. This is the summary of the problem from the BIND site:
“A weakness in the DNS protocol may enable the poisoning of caching
recurive resolvers with spoofed data. DNSSEC is the only full solution.
New versions of BIND provide increased resilience to the attack.”
It is suggested that sites that run BIND upgrade to one of the new packages
in order to reduce their exposure to DNS cache poisoning attacks.
For more information, see:
http://www.isc.org/sw/bind/bind-security.php
http://www.kb.cert.org/vuls/id/800113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
(* Security fix *)
  • news/2008/07/10/slackware-10.0-changelog.txt
  • Last modified: 5 years ago
  • by Giuseppe Di Terlizzi