OpenBSD Information for VU#725188

ISC BIND 9 vulnerable to denial of service via dynamic update request

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Patches for this issue were committed to the HEAD of the OpenBSD CVS respository on 2009-07-29. Users running -current from before that date should update their systems.

Patches for -release versions were published on 2009-07-29 as well. These patches can be found at:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/014_bind.patch for OpenBSD-4.4
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.5/common/007_bind.patch for OpenBSD-4.5
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.6/common/001_bind.patch for OpenBSD-4.6 (note that OpenBSD 4.6 has not been formally released as of this writing)

Patches for this issue were committed to the OPENBSD_4_4, OPENBSD_4_5, and OPENBSD_4_6 CVS branches on 2009-07-30. Users running -stable systems from before this date should update their systems.

Older versions of the operating system are not officially supported.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.