This is a short article on how to escalate privileges from man/man to root/root via the “catman” cron job.
Monthly Archives: December 2015
Ubuntu setgid Directory Privilege Escalation
This is a short article on how to use the setgid directory /var/cache/man to escalate privileges from man/man to man/root on Ubuntu Vivid.
CESA-2015:2656 Important CentOS 5 bind Security Update
CentOS Errata and Security Advisory 2015:2656 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2656.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )
Positive Hack Days VI Call For Papers
Call For Papers for Positive Hack Days VI which will take place May 17th through the 18th, 2016 in Moscow, Russia.
CESA-2015:2658 Important CentOS 5 bind97 Security Update
CentOS Errata and Security Advisory 2015:2658 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2658.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )
Debian Security Advisory 3420-1
Debian Linux Security Advisory 3420-1 – It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. A remote attacker can exploit this flaw to cause a denial of service against servers performing recursive queries.
Slackware Security Advisory – libpng Updates
Slackware Security Advisory – New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
Slackware Security Advisory – bind Updates
Slackware Security Advisory – New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
HP Security Bulletin HPSBUX03529 SSRT102967 1
HP Security Bulletin HPSBUX03529 SSRT102967 1 – Potential security vulnerabilities have been identified in the HP-UX BIND service running named. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
Red Hat Security Advisory 2015-2659-01
Red Hat Security Advisory 2015-2659-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. It was found that Tomcat would keep connections open after processing requests with a large enough request body. A remote attacker could potentially use this flaw to exhaust the pool of available connections and prevent further, legitimate connections to the Tomcat server.