Please see https://www.isc.org/node/474 for details!
|
CVE:
|
CVE-2009-0696 | ||
|
CERT:
|
VU#725188 |
Before you start!
Redhat users will find that bind is already updated via running up2date
These versions are big fixed – see http://rhn.redhat.com/errata/RHSA-2009-1180.html :
bind-utils-9.2.4-30.el4_8.4
bind-libs-9.2.4-30.el4_8.4
bind-devel-9.2.4-30.el4_8.4
ypbind-1.17.2-13
bind-9.2.4-30.el4_8.4
# rpm -qa | grep ‘bind’
will show you what versions you are running.
If you are running any other package management then running apt-get update or yum update should sort you out as these fixes have been push. Always make sure you have a backup of your named working directory though!
Step 1: Find out what version of bind you are running
# named -v
If you are running anything that isn’t one of these versions : 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1 then you need to upgrade. I found all my cpanel/WHM boxes were running BIND 9.2.4
Step 2: Make a backup of your working directories
# mkdir /backup/bind/
# cd /backup/bind
# cp -R /var/named zones
# cp /etc/named.conf named.conf
If all goes to plan then you won’t need this backup – but you can never be too careful!
Step3 : Download a new version of bind
# mkdir /backup/bind/bind-9.4.3-P3
# cd /backup/bind/bind-9.4.3-P3
# wget http://ftp.isc.org/isc/bind9/9.4.3-P3/bind-9.4.3-P3.tar.gz
# tar zxvf bind-9.4.3-P3.tar.gz
Step 4: Compile and install new Bind
# cd bind-9.4.3-P3
# ./configure
# make
# make install
Step5: Make sure your version is now updated
# named -v