Date: Sun, 4 Jun 2000 18:08:58 +0200
From: Chmouel Boudjnah chmouel@MANDRAKESOFT.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Linux-Mandrake bind update.
Linux-Mandrake Security Update
Package: bind
Affected versions: 6.1 7.0
Problem: By default bind is launched as user and group root.
This setting can give the possibility to easily exploit
vulnerabities in bind. Thanks to Nicolas MONNET for his
contribution.
Please upgrade to:
md5sum: 185c51a554cd1c2fedf42f002ba8f01f
package: 6.1/RPMS/bind-8.2.2P5-6mdk.i586.rpm
md5sum: 39757dd3b1157685a486fc2c7afe2855
package:6.1/RPMS/bind-devel-8.2.2P5-6mdk.i586.rpm
md5sum: 507e45161ec6f9cbfb17dcf06d0831f0
package:6.1/RPMS/bind-utils-8.2.2P5-6mdk.i586.rpm
md5sum: eeffc6a7d2c7813931a2bbcb8da05a79
source: 6.1/SRPMS/bind-8.2.2P5-6mdk.src.rpm
md5sum: 95ccd87693c8e3c870f1bccd2842489b
package:7.0/RPMS/bind-8.2.2P5-6mdk.i586.rpm
md5sum: 31a1b33c3cf2013ea14ac1d0432a2785
package:7.0/RPMS/bind-devel-8.2.2P5-6mdk.i586.rpm
md5sum: ce92d5be31c4675e5ec21e4a76815633
package:7.0/RPMS/bind-utils-8.2.2P5-6mdk.i586.rpm
md5sum: eeffc6a7d2c7813931a2bbcb8da05a79
source: 7.0/SRPMS/bind-8.2.2P5-6mdk.src.rpm
To upgrade automatically, use « MandrakeUpdate ». If
you want to upgrade manually, download the updated package from one
of our FTP server mirrors and uprade with “rpm -Uvh package_name”.
All mirrors are listed on http://www.mandrake.com/en/ftp.php3
Updated packages are available in the “updates/” directory.
For example, if you are looking for an updated RPM package for
Mandrake 7.0, look for it in: updates/7.0/RPMS/
Note: we give the md5 sum for each package. It lets you check
the integrity of the downloaded package by running the md5sum
command on the package (“md5sum package.rpm”).
-- MandrakeSoft Inc http://www.mandrakesoft.com --Chmouel