Astrotech
10-07-2008, 12:08
Hello,
A VERY IMPORTANT security bug was discovered today on
software BIND (DNS). It is possible to make an attack
on DNS servers and pollute the DNS server with false information
on the resolution of domain names. The exploit is not yet published
(Fault is really too severe), but soon it will be published (soon),
many hackers are fun to pollute DNS servers that have this
security hole and the final rédiriger visitors on false servers
WEB, false email servers.
This vulnerability has been EXTREMENT important and it is IMPERATIVE to
updates your DNS server on your dedicated server and the RPS.
If you are under the Release 1 and Release 2, just execute
patch-all and the server automatically updates.
Ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh # wget-O-all.sh patch;
Sh # patch-all.sh
If you are in total security, Ovh handles update your
system. You have nothing to do.
If you are Debian / Ubuntu, use apt-get to update your system.
If you are Gentoo, use emerge to update your system.
If you're Fedora / CentOS, use yum to update your system.
If you are in Susa, use yast to update your system.
Regards,
Octave
CHANGELOG:
ftp://ftp.ovh.net/made-in-ovh/releas...ELOG.release-1
ftp://ftp.ovh.net/made-in-ovh/releas...ELOG.release-2
################################################## ##########################
# The system of release 1.XX works with OVH Release 1
# Based on RH 7.2
# Http://www.ovh.co.uk/individual/item...1.xml?sort=gnu
################################################## ##########################
# To update any level of the release
# Wget-O ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh patch-all.sh; sh patch-all.sh
#
# ################# ################################ #########################
# If you have any questions regarding the releases, check the following manual:
# Http://help.ovh.co.uk/ReleasePatch
#
################################################## ##########################
# 9th July 2008 release 1.79
# An IMPORTANT security bug on BIND
#
#----( DNS server:
# Bind-9.3.5-P1
# (Previously bind-9.3.3rc3)
#
# Patch release:
# =================
# - All releases with an automatic detection of the version here is the patch
# Wget-O ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh patch-all.sh; sh patch-all.sh
# - From 1.78 to 1.79 following the patch
# Wget-O ftp://ftp.ovh.net/made-in-ovh/releas...h-1.78-1.79.sh patch-1.78-1.79.sh; patch sh-1.78-1.79.sh
#
# Patch outside release:
# ===================
# Rpm-Fvh ftp://ftp.ovh.net/made-in-ovh/release/1.78-1.79/ *
################################################## ##########################
#system of release 2.XX functions with Release 2 d' OVH # based on Gentoo # http://www.ovh.com/fr/items/distribu.../release_2.xml ################################################## ########################## # to update some is the level of the release # wget ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh - O patch-all.sh; HS patch-all.sh # ################################################## ########################## # the guide of the releases with all the questions/answers are: # http://guide.ovh.com/ReleasePatchSecurite/ # # ################################################## ########################## ################################################## ########################## # July 9, 2008 the release 2.15 # # - An IMPORTANT bug of safety on the BIND # how to apply the patch: # =========================== # - passage automatic to the last version of the release: # wget ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh - O patch-all.sh; HS patch-all.sh # - passage from 2.14 to 2.15: # wget ftp://ftp.ovh.net/made-in-ovh/releas...h-2.14-2.15.sh - O patch-2.14-2.15.sh; HS patch-2.14-2.15.sh
Followed by...
In kimsufi.general oles@ovh.net was written:
Good evening,
An error in the patch-all in the release 1 (only).
The patch-all for release 2 running without problem.
-- If you've already executed, it is likely that your DNS server is not
restarting properly. You have an error following:
/ usr / sbin / named-checkconf: error while loading shared libraries:
libisccfg.so.0: can not open shared object file: No such file or
Directory
In this case, just me on oles@ovh.net with the name of
your server and I'll fix the problem (it takes the retelecharger
. rpm and reappliquer with rpm-Uvh).
-- If you've already executed during the correction of this little bug you
must restart the patch and it will automatically correct the BUG.
-- If you have not yet launched the patch-all, you can do
eyes closed. People come to retest on a dedicated server 20ène
different. It works perfectly now.
Sorry for the error.
A your patches:
Ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh # wget-O-all.sh patch;
Sh # patch-all.sh
Yours
Octave
A VERY IMPORTANT security bug was discovered today on
software BIND (DNS). It is possible to make an attack
on DNS servers and pollute the DNS server with false information
on the resolution of domain names. The exploit is not yet published
(Fault is really too severe), but soon it will be published (soon),
many hackers are fun to pollute DNS servers that have this
security hole and the final rédiriger visitors on false servers
WEB, false email servers.
This vulnerability has been EXTREMENT important and it is IMPERATIVE to
updates your DNS server on your dedicated server and the RPS.
If you are under the Release 1 and Release 2, just execute
patch-all and the server automatically updates.
Ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh # wget-O-all.sh patch;
Sh # patch-all.sh
If you are in total security, Ovh handles update your
system. You have nothing to do.
If you are Debian / Ubuntu, use apt-get to update your system.
If you are Gentoo, use emerge to update your system.
If you're Fedora / CentOS, use yum to update your system.
If you are in Susa, use yast to update your system.
Regards,
Octave
CHANGELOG:
ftp://ftp.ovh.net/made-in-ovh/releas...ELOG.release-1
ftp://ftp.ovh.net/made-in-ovh/releas...ELOG.release-2
################################################## ##########################
# The system of release 1.XX works with OVH Release 1
# Based on RH 7.2
# Http://www.ovh.co.uk/individual/item...1.xml?sort=gnu
################################################## ##########################
# To update any level of the release
# Wget-O ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh patch-all.sh; sh patch-all.sh
#
# ################# ################################ #########################
# If you have any questions regarding the releases, check the following manual:
# Http://help.ovh.co.uk/ReleasePatch
#
################################################## ##########################
# 9th July 2008 release 1.79
# An IMPORTANT security bug on BIND
#
#----( DNS server:
# Bind-9.3.5-P1
# (Previously bind-9.3.3rc3)
#
# Patch release:
# =================
# - All releases with an automatic detection of the version here is the patch
# Wget-O ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh patch-all.sh; sh patch-all.sh
# - From 1.78 to 1.79 following the patch
# Wget-O ftp://ftp.ovh.net/made-in-ovh/releas...h-1.78-1.79.sh patch-1.78-1.79.sh; patch sh-1.78-1.79.sh
#
# Patch outside release:
# ===================
# Rpm-Fvh ftp://ftp.ovh.net/made-in-ovh/release/1.78-1.79/ *
################################################## ##########################
#system of release 2.XX functions with Release 2 d' OVH # based on Gentoo # http://www.ovh.com/fr/items/distribu.../release_2.xml ################################################## ########################## # to update some is the level of the release # wget ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh - O patch-all.sh; HS patch-all.sh # ################################################## ########################## # the guide of the releases with all the questions/answers are: # http://guide.ovh.com/ReleasePatchSecurite/ # # ################################################## ########################## ################################################## ########################## # July 9, 2008 the release 2.15 # # - An IMPORTANT bug of safety on the BIND # how to apply the patch: # =========================== # - passage automatic to the last version of the release: # wget ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh - O patch-all.sh; HS patch-all.sh # - passage from 2.14 to 2.15: # wget ftp://ftp.ovh.net/made-in-ovh/releas...h-2.14-2.15.sh - O patch-2.14-2.15.sh; HS patch-2.14-2.15.sh
Followed by...
In kimsufi.general oles@ovh.net was written:
Good evening,
An error in the patch-all in the release 1 (only).
The patch-all for release 2 running without problem.
-- If you've already executed, it is likely that your DNS server is not
restarting properly. You have an error following:
/ usr / sbin / named-checkconf: error while loading shared libraries:
libisccfg.so.0: can not open shared object file: No such file or
Directory
In this case, just me on oles@ovh.net with the name of
your server and I'll fix the problem (it takes the retelecharger
. rpm and reappliquer with rpm-Uvh
-- If you've already executed during the correction of this little bug you
must restart the patch and it will automatically correct the BUG.
-- If you have not yet launched the patch-all, you can do
eyes closed. People come to retest on a dedicated server 20ène
different. It works perfectly now.
Sorry for the error.
A your patches:
Ftp://ftp.ovh.net/made-in-ovh/release/patch-all.sh # wget-O-all.sh patch;
Sh # patch-all.sh
Yours
Octave