OpenBSD Information for VU#725188
ISC BIND 9 vulnerable to denial of service via dynamic update request
- Vendor Information Help Date Notified: 28 Jul 2009
- Statement Date:
- Date Updated: 30 Jul 2009
No statement is currently available from the vendor regarding this vulnerability.
Patches for this issue were committed to the HEAD of the OpenBSD CVS respository on 2009-07-29. Users running -current from before that date should update their systems.
Patches for -release versions were published on 2009-07-29 as well. These patches can be found at:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/014_bind.patch for OpenBSD-4.4
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.5/common/007_bind.patch for OpenBSD-4.5
ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.6/common/001_bind.patch for OpenBSD-4.6 (note that OpenBSD 4.6 has not been formally released as of this writing)
Patches for this issue were committed to the OPENBSD_4_4, OPENBSD_4_5, and OPENBSD_4_6 CVS branches on 2009-07-30. Users running -stable systems from before this date should update their systems.
Older versions of the operating system are not officially supported.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.