FEDORA-2018-c0f12f789e

security update in Fedora 27 for bind, bind-dyndb-ldap, & 1 more

Status: stable 11 months ago

Update to bind 9.11.4


  • Fix CVE-2018-5738
  • Remove named.iscdlv.key
  • Make home writeable
  • Use invalid shell /bin/false for bind

How to install

sudo dnf upgrade --advisory=FEDORA-2018-c0f12f789e

Comments 11

This update has been submitted for testing by pemensik.

This update has obsoleted bind-9.11.3-6.fc27, and has inherited its bugs and notes.

hello pemensik, is bind-9.11.4-1.fc27 a security update? Or did the previous security update bind-9.11.3-6.fc27 already fix CVE-2018-5738?

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

works for me - but make the chroot-script require the third param and the previous one failing if it is present is ugly - not only distribution units are using it in doubt because /etc/systemd/system/ is for overrides

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 11 months ago
in testing 11 months ago
in stable 11 months ago

Related Bugs 5

00 #1422680 wrong permissions on /var/named directory
00 #1589616 CVE-2018-5738 bind: Improper handling of configuration allows all clients to perform recursive queries
00 #1590580 CVE-2018-5738 bind: Improper handling of configuration allows all clients to perform recursive queries [fedora-all]
00 #1595782 Revoke named.iscdlv.key
00 #1600583 bind-chroot: chroot is not cleaned up correctly on uninstallation and running named-chroot

Automated Test Results