Bug 454210
Summary: | Build Request 9.5.0 Final for F8/F9 | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Reindl Harald <spam2> |
Component: | bind | Assignee: | Adam Tkac <atkac> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 9 | CC: | atkac, ovasik, shrek-m |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 9.5.0-33.P1.fc9 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-07-09 21:45:24 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Reindl Harald
2008-07-06 18:13:59 UTC
bind-9.5.0-33.P1.fc9 has been submitted as an update for Fedora 9 thanks for bind-9.5.0-33.P1.fc9.x86_64 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 # service named status | head -1 version: 9.5.0-P1 here is a test from dan kaminsky http://doxpara.com/ "Check my DNS" with bind-9.5.0-33.P1.fc9.x86_64 Your name server, at 92.194.26.110, appears vulnerable to DNS Cache Poisoning. All requests came from the following source port: 53 Requests seen for 381d4522e342.toorrr.com: 92.194.26.110:53 TXID=9676 92.194.26.110:53 TXID=34357 92.194.26.110:53 TXID=24141 92.194.26.110:53 TXID=17688 92.194.26.110:53 TXID=13472 9.5.0.33-P1 seems to use always port 53, pdns seems to use random ports as it should be. with pdns-recursor-3.1.5-1.fc9.x86_64 Your name server, at 92.194.26.110, appears to be safe. Requests seen for 2d4735efa430.toorrr.com: 92.194.26.110:48369 TXID=44592 92.194.26.110:63213 TXID=38931 92.194.26.110:26619 TXID=15104 92.194.26.110:8520 TXID=21689 92.194.26.110:6257 TXID=59912 oops, my named.conf is really old, the named.conf.rpmnew is from 2007-06-14 without query-source all is ok. # grep source /etc/named.conf--old_always-source-port-53 query-source port 53; query-source-v6 port 53; bind-9.5.0-33.P1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. |