Oval Definition:oval:org.mitre.oval:def:28987
Revision Date:2015-08-17Version:10
Title:RHSA-2009:0020 -- bind security update (Moderate)
Description:Updated Bind packages to correct a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. A flaw was discovered in the way BIND checked the return value of the OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, allowing spoofing attacks. (CVE-2009-0025)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2009:0020-CentOS 2
CESA-2009:0020-CentOS 3
CESA-2009:0020-CentOS 5
CVE-2009-0025
RHSA-2009:0020
Platform(s):CentOS Linux 2
CentOS Linux 3
CentOS Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):bind
Definition Synopsis
  • Red Hat Enterprise Linux 5 and CentOS Linux 5 release section
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages match section
  • bind-chroot is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • OR bind-devel is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • OR bind-libbind-devel is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • OR caching-nameserver is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • OR bind is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • OR bind-libs is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • OR bind-sdb is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • OR bind-utils is earlier than 30:9.3.4-6.0.3.P1.el5_2
  • Red Hat Enterprise Linux 3 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • AND Packages match section
  • bind is earlier than 20:9.2.4-23.el3
  • OR bind-chroot is earlier than 20:9.2.4-23.el3
  • OR bind-devel is earlier than 20:9.2.4-23.el3
  • OR bind-libs is earlier than 20:9.2.4-23.el3
  • OR bind-utils is earlier than 20:9.2.4-23.el3
  • Red Hat Enterprise Linux 4 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • AND Packages match section
  • bind is earlier than 20:9.2.4-30.el4_7.1
  • OR bind-chroot is earlier than 20:9.2.4-30.el4_7.1
  • OR bind-devel is earlier than 20:9.2.4-30.el4_7.1
  • OR bind-libs is earlier than 20:9.2.4-30.el4_7.1
  • OR bind-utils is earlier than 20:9.2.4-30.el4_7.1
    • BACK