Critical BIND Denial-of-Service Flaw Could Take Down DNS Servers

alphadogg writes: Attackers could exploit a new vulnerability in BIND, the most popular Domain Name System (DNS) server software, to disrupt the Internet for many users. The vulnerability affects all versions of BIND 9, from BIND 9.1.0 to BIND 9.10.2-P2, and can be exploited to crash DNS servers that are powered by the software. The vulnerability announced and patched by the Internet Systems Consortium is critical because it can be used to crash both authoritative and recursive DNS servers with a single packet.

Patched on 7/28 (CentOS)

[bill_mcgonigle]

I noticed this on Google News yesterday - checked a CentOS 7 box to find that yum had installed the patch overnight on 7/28 and systemd had restarted named for me. Good work, everybody. Make sure your updates are working.
Oh, hai dollar-short Slashdot.

Re:Patched on 7/28 (CentOS)

[unrtst]

FWIW, it seems CentOS 6 was not updated (though there is an SRPM from RHEL for it).
CentOS 5 and 7 both have the update. Example mirror:
http://mirror.atlanticmetro.ne...
http://mirror.atlanticmetro.ne...
http://mirror.atlanticmetro.ne...

I also checked the mirror status: http://mirror-status.centos.or...
And checked one that was JUST updated: http://mirror.millry.co/CentOS...
No update!!!

RHEL page on their 6.x update: https://rhn.redhat.com/errata/...

Interesting, but budgie cage liner news

[Demonoid-Penguin]

Patched updates rolled out long before /. reported it (shock, horror).
If Debian is any guide most distros have already done the same and anyone running unattended-updates for security patches has been updated for several days (25th).

Re: Interesting, but budgie cage liner news

[rubycodez]

eh? http://lists.opensuse.org/open...