Rpm for BIND 9 version 9.9.7-P2 (fix CVE-2015-5477) rhel


 
Thread Tools Search this Thread
Special Forums Cybersecurity Rpm for BIND 9 version 9.9.7-P2 (fix CVE-2015-5477) rhel
# 1  
Old 09-03-2015
Rpm for BIND 9 version 9.9.7-P2 (fix CVE-2015-5477) rhel

Hello,

I have a RedHat machine (version 5.11) and i need to install BIND version version 9.9.7-P2 in order to fix a known BIND vulnerability CVE-2015-5477.
I downloaded the tar file from isc website but i am having trouble to install the file.
Does anybody knows a link for the rpm package of this version? i cannot find the rpm and it would be much easier to update it this way.

Thank you
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

Strace rpm requirement for RHEL 5.9

I have requirement for strace utility rpm package for RHEL 5.9. I have made a google for last 1 hr. but did not find the required one. Can any one help me out to find out the compatible rpm package of strace for Redhat 5.9 version (I require 64 bit version). (7 Replies)
Discussion started by: Anjan Ganguly
7 Replies

2. UNIX for Advanced & Expert Users

Install package PHP Vulnerability: CVE-2015-4601

Hi, Anyone can help on applying patch "PHP Vulnerability: CVE-2015-4601" on Centos 6.8 platform. How can I install this patch in command line using "yum" or "rpm"? Do I need to download or there is a direct command. Thanks in advance. Ragards, FSPalero (4 Replies)
Discussion started by: fspalero
4 Replies

3. UNIX for Dummies Questions & Answers

Date format from Jan 01 2015 11:00:00 PM to 01/01/2015 23.00.00

I need to change Date and time stamp format from Jan 01 2015 11:00:00 PM to 01/01/2015 23.00.00 Existing Format : Mon DD YYYY hh:mi:ss AM/PM (Jan 01 2015 11:00:00 PM) Expected Format: MM/DD/YYYY hh.mi.ss 24 hours (01/01/2015 23.00.00) I need to update enitire file where... (3 Replies)
Discussion started by: esivaprasad
3 Replies

4. Red Hat

RHEL 7 and GNOME version

Does anyone know if final RHEL 7 is going to have GNOME 2 or 3? Anyone try the beta yet? (1 Reply)
Discussion started by: Synbios
1 Replies

5. Red Hat

INSTALL RPM's IN RHEL 5.5

After checking the dependencies from below command:- yum deplist gcc Update:- Now when I tried to install the very first dependency , it gave the below error, I guess something is wrong with YUM server itself :P ... (1 Reply)
Discussion started by: manish131081
1 Replies

6. Red Hat

RedHat version in rpm spec files

Hi In opensuse we have this nice version control variable I use much when designing rpm spec files: rpm --showrc | grep suse_version %if 0%{?suse_version} > 0 && 0%{?suse_version} < 1700 -14: suse_version 1140But I do not find anything close to this in rhel/centos The only way... (0 Replies)
Discussion started by: mortenb
0 Replies

7. Shell Programming and Scripting

expect rpm for rhel 4

hi i have an application which have a expect script. But now when I run application on other machines, it requires expect to be present on that system. Now I have the binary of expect with all the libraries required. The binary support for Rhel 5 version or later versions. Can aneone tell... (2 Replies)
Discussion started by: tapan_kumawat
2 Replies

8. Red Hat

xtrlock rpm RHEL

Hello, Any pointers where to get an rpm for xtrlock? Thanks, mgb (0 Replies)
Discussion started by: mgb
0 Replies

9. Shell Programming and Scripting

Help needed with script to verify the version of BIND

I have tried thought of using instfix -ivqc | grep BIND , but this did not return the result I was looking for; it seem to list out the the different patches that had been applied to BIND. I'm actually looking for overall version, like you'd get when checking the OS level for instance. (1 Reply)
Discussion started by: sport
1 Replies

10. Cybersecurity

bind version

How do I find out my current version of BIND? Dhall1973:D (1 Reply)
Discussion started by: dhall1973
1 Replies
Login or Register to Ask a Question
ISC-HMAC-FIXUP(1)						       BIND9							 ISC-HMAC-FIXUP(1)

NAME
isc-hmac-fixup - fixes HMAC keys generated by older versions of BIND SYNOPSIS
isc-hmac-fixup {algorithm} {secret} DESCRIPTION
Versions of BIND 9 up to and including BIND 9.6 had a bug causing HMAC-SHA* TSIG keys which were longer than the digest length of the hash algorithm (i.e., SHA1 keys longer than 160 bits, SHA256 keys longer than 256 bits, etc) to be used incorrectly, generating a message authentication code that was incompatible with other DNS implementations. This bug has been fixed in BIND 9.7. However, the fix may cause incompatibility between older and newer versions of BIND, when using long keys. isc-hmac-fixup modifies those keys to restore compatibility. To modify a key, run isc-hmac-fixup and specify the key's algorithm and secret on the command line. If the secret is longer than the digest length of the algorithm (64 bytes for SHA1 through SHA256, or 128 bytes for SHA384 and SHA512), then a new secret will be generated consisting of a hash digest of the old secret. (If the secret did not require conversion, then it will be printed without modification.) SECURITY CONSIDERATIONS
Secrets that have been converted by isc-hmac-fixup are shortened, but as this is how the HMAC protocol works in operation anyway, it does not affect security. RFC 2104 notes, "Keys longer than [the digest length] are acceptable but the extra length would not significantly increase the function strength." SEE ALSO
BIND 9 Administrator Reference Manual, RFC 2104. AUTHOR
Internet Systems Consortium COPYRIGHT
Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") BIND9 January 5, 2010 ISC-HMAC-FIXUP(1)