Sécurité informatique

SECURINFOS.INFO - Bulletins de sécurité informatique, Alertes et Protection

SUSE : mise à jour pour bind

02/08/2007 11H45
Référence Secunia : SA26308 
Date de publication : 2007-08-02

Risque : Moyennement Critique. Niveau 3 sur 5.
Impact : Spoofing
Lieu : A distance


Solutions :
Correctif de l'éditeur

OS :
openSUSE 10.2
SUSE Linux 10
SUSE Linux 10.1
SuSE Linux Entreprise Serveur 8
SUSE Linux Entreprise Serveur 9
SuSE Linux Openexchange Server 4.x
SuSE Linux Standard Server 8
UnitedLinux 1.0
Novell Open Entreprise Serveur

Référence CVE :
CVE-2007-2926



Description :
SUSE a réalisé une mise à jour pour bind. Cela corrige une vulnérabilité, qui pourrait être exploitée par des personnes malintentionnées pour empoisonner le cache DNS.


Solutions :
Appliquez les paquetages mis à jour.

Plateforme x86:

openSUSE 10.2:
ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-9.3.2-56.3.i586.rpm
48abc8f128c76c49e021005ffa37e9ee
ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-libs-9.3.2-56.3.i586.rpm
f240048ef7c3534bfc38fec305dd3544
ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-utils-9.3.2-56.3.i586.rpm
cebf7e1d7c0c26298a7b30dd0571074c

SUSE LINUX 10.1:
ftp.suse.com/pub/suse/update/10.1/rpm/i586/bind-9.3.2-17.18.i586.rpm
0a6d5f40bb95626e04bc090a89011901
ftp.suse.com/pub/suse/update/10.1/rpm/i586/bind-libs-9.3.2-17.18.i586.rpm
f44c83eb3a7971001c58675dbde639be
ftp.suse.com/pub/suse/update/10.1/rpm/i586/bind-utils-9.3.2-17.18.i586.rpm
bb311a19785da40e826827b2acfcad72

SUSE LINUX 10.0:
ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-9.3.2-56.3.i586.rpm
a75a13517fe07dda2f3f6def7de206f0
ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-devel-9.3.2-56.3.i586.rpm
0745b6d2b41259c86269632a03804372
ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-doc-9.3.2-56.3.i586.rpm
14df9b80e49a627f4d5313e9cf95fc97
ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-libs-9.3.2-56.3.i586.rpm
9e4ef221bfde5aee6a94c904a98b2fc3
ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-lwresd-9.3.2-56.3.i586.rpm
35fc7567db77d89561e991176ff0f6a4
ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-utils-9.3.2-56.3.i586.rpm
46fdb7a792c81d8a597ee7bd046a0f65
ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/nss_lwres-0.93-6.3.i586.rpm
0cea0ad2440d863eb5082138184e64ad

Plate-forme Power PC:

openSUSE 10.2:
ftp.suse.com/pub/suse/update/10.2/rpm/ppc/bind-9.3.2-56.3.ppc.rpm
8ba1e6488407ee636e2df2ed28a6e762
ftp.suse.com/pub/suse/update/10.2/rpm/ppc/bind-libs-9.3.2-56.3.ppc.rpm
0c08f744bf7a730b1da5253372689ab9
ftp.suse.com/pub/suse/update/10.2/rpm/ppc/bind-utils-9.3.2-56.3.ppc.rpm
d9ac9c156a8290b7fb36281648a687bb

SUSE LINUX 10.1:
ftp.suse.com/pub/suse/update/10.1/rpm/ppc/bind-9.3.2-17.18.ppc.rpm
01196536550eb52905def53425a33fdb
ftp.suse.com/pub/suse/update/10.1/rpm/ppc/bind-libs-9.3.2-17.18.ppc.rpm
c89a99c0076346029af97c7d700292b1
ftp.suse.com/pub/suse/update/10.1/rpm/ppc/bind-utils-9.3.2-17.18.ppc.rpm
3065af7b1739cc9c9210ac4c2ea2fb20

SUSE LINUX 10.0:
ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-9.3.2-56.3.ppc.rpm
39fa5b6d2d6d05bf7b7e6ab10a26450b
ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-devel-9.3.2-56.3.ppc.rpm
01927c9dba84b552fe4678ea545a0e1f
ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-doc-9.3.2-56.3.ppc.rpm
e19c2a378da251d2298b39c8913bbee6
ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-libs-9.3.2-56.3.ppc.rpm
e38ecdcbcf9d4c45308d9cc0c6130a50
ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-lwresd-9.3.2-56.3.ppc.rpm
c3461c9830feb17ae4152d6c5152b4e1
ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-utils-9.3.2-56.3.ppc.rpm
61a09dd2a49b0fc851a75c910c784b45
ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/nss_lwres-0.93-6.3.ppc.rpm
4f54b429356e3c3cd63025c828ee7fda

Plate-forme x86-64:

openSUSE 10.2:
ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-9.3.2-56.3.x86_64.rpm
a6f05877f1e67aa034510787ab4c5eb5
ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-libs-32bit-9.3.2-56.3.x86_64.rpm
b425e8ccab18397b345d3a264fb6385e
ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-libs-9.3.2-56.3.x86_64.rpm
9802cea2b3e51e15838280d71529543b
ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-utils-9.3.2-56.3.x86_64.rpm
5a826a5d01b13ad46825af5ec0be47d9

SUSE LINUX 10.1:
ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-9.3.2-17.18.x86_64.rpm
366c78e6581c683de19367aba4b4ec18
ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-libs-32bit-9.3.2-17.18.x86_64.rpm
67d44342aac8bb90cbc30cde05028ef5
ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-libs-9.3.2-17.18.x86_64.rpm
d14194bd4c8fd21292e619beb4b45e30
ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-utils-9.3.2-17.18.x86_64.rpm
169e61fbf1d14c74f3111129964f5781

SUSE LINUX 10.0:
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-9.3.2-56.3.x86_64.rpm
abcc76ac1cfde1240debb90bb9a6e4d4
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-devel-9.3.2-56.3.x86_64.rpm
c9d75ab01b6ec59a33ee057761b27689
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-doc-9.3.2-56.3.x86_64.rpm
fb7f24a49961a51038148c3e7ddc02fb
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-libs-32bit-9.3.2-56.3.x86_64.rpm
da1ba6adf8548175c2e2c20f82ac3aea
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-libs-9.3.2-56.3.x86_64.rpm
eefb912d78be2d68336f5ba3e4af7da4
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-lwresd-9.3.2-56.3.x86_64.rpm
68e60bd1dc5f3e7aeef46fb9cde0eb90
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-utils-9.3.2-56.3.x86_64.rpm
bfbbfd8863c5d95ba01b3706b8070ed1
ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/nss_lwres-0.93-6.3.x86_64.rpm
d2b01545788cc682d85ccec56a279d63

Sources:

openSUSE 10.2:
ftp.suse.com/pub/suse/update/10.2/rpm/src/bind-9.3.2-56.3.src.rpm
38e0184897ace16acfe0c05bdc495db9

SUSE LINUX 10.1:
ftp.suse.com/pub/suse/update/10.1/rpm/src/bind-9.3.2-17.18.src.rpm
2d3b097dfc202b56b43b9fe32c7e3c32

SUSE LINUX 10.0:
ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/bind-9.3.2-56.3.src.rpm
32e43c29bdcd6fe8de2afd4de2e56918
ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/nss_lwres-0.93-6.3.src.rpm
fc699b0b5d8fd0ad309789323dcbab21


Maintenance les clients sont prévenus à apply la des paquetages mis à jour depuis le site de maintenance:

UnitedLinux 1.0
http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html

SuSE Linux Openexchange Server 4
http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html

SuSE Linux Entreprise Serveur 8
http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html

SuSE Linux Standard Server 8
http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html

SuSE Linux School Server
http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html

SUSE LINUX Retail Solution 8
http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html

SUSE Linux Entreprise Serveur 10 SP1
http://support.novell.com/techcenter/psdb/9661e828c0e56d3297ed6fc60453d1e7.html

SLE SDK 10 SP1
http://support.novell.com/techcenter/psdb/9661e828c0e56d3297ed6fc60453d1e7.html

SUSE Linux Entreprise Desktop 10 SP1
http://support.novell.com/techcenter/psdb/9661e828c0e56d3297ed6fc60453d1e7.html

Open Entreprise Serveur
http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html

Novell Linux POS 9
http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html

Novell Linux Desktop 9
http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html

SUSE SLES 9
http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html

Référence :
http://www.novell.com/linux/security/advisories/2007_47_bind.html


Autres références :

SA26152:
http://secunia.com/advisories/26152/




Veuillez noter : L'information sur laquelle ce bulletin Secunia est basé provient d'un tiers sans mention du contraire. Secunia collecte, valide, et vérifie tout les rapports de vulnérabilité issus de la recherche en sécurité de groupes, distributeurs ou autres.

Les noms, marques et enseignes cités sur ce site sont la propriété de leurs déposants respectifs.