--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-5417ca3713
2018-08-14 21:06:35.950389
--------------------------------------------------------------------------------
Name : bind
Product : Fedora 28
Version : 9.11.4
Release : 5.P1.fc28
URL :
http://www.isc.org/products/BIND/
Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.
--------------------------------------------------------------------------------
Update Information:
Update to last security release - Fixes CVE-2018-5738 - Adds root key sentinel
mechanism support - incremental zone transfer limit to prevent journal
corruption - rndc reload memory leak
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 9 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.4-5.P1
- Update to 9.11.4-P1
- Adds root key sentinel support
- Large IXFR zone transfers are rejected to prevent journal corruption
* Thu Aug 2 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.4-4
- Support unavailable MD5 in FIPS mode
* Thu Aug 2 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.4-3
- Use OpenSSL for digest operations (#1611537)
* Tue Jul 31 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.4-2
- Install generated manual pages
* Thu Jul 12 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.4-1
- Update to 9.11.4
- Use kyua instead of kyua-cli for unit tests
* Thu Jul 12 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.3-15
- Use new config file named-chroot.files for chroot setup (#1429656)
- Fix chroot devices file verification (#1592873)
- Prevent errors on bind-chroot uninstall when running (#1600583)
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
32:9.11.3-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jul 2 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 32:9.11.3-13
- Rebuilt for Python 3.7
* Wed Jun 27 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.3-12
- Require utils instead of library
* Wed Jun 27 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.3-11
- Remove named.iscdlv.key file (#1595782)
- Fix CVE-2018-5738
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 32:9.11.3-10
- Rebuilt for Python 3.7
* Fri May 25 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.3-9
- Make named home writeable (#1422680)
- Change named shell to /bin/false
* Fri May 25 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.3-8
- Require C++ on build when shipped atf library is used
* Mon Apr 9 2018 Petr Men����k <pemensik(a)redhat.com> - 32:9.11.3-7
- Run tests also without kyua
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1613595 - CVE-2018-5740 bind: processing of certain records when
"deny-answer-aliases" is in use may trigger an assert leading to a denial of
service
https://bugzilla.redhat.com/show_bug.cgi?id=1613595
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-5417ca3713' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------