Updated bind97 packages that fix two security issues are now available forRed Hat Enterprise Linux 5.Red Hat Product Security has rated this update as having Important securityimpact.

Common Vulnerability Scoring System (CVSS) base scores, which givedetailed severity ratings, are available for each vulnerability from theCVE links in the References section.
The Berkeley Internet Name Domain (BIND) is an implementation of the DomainName System (DNS) protocols.

BIND includes a DNS server (named); a resolverlibrary (routines for applications to use when interfacing with DNS); andtools for verifying that the DNS server is operating correctly.A denial of service flaw was found in the way BIND parsed signature recordsfor DNAME records.

By sending a specially crafted query, a remote attackercould use this flaw to cause named to crash. (CVE-2016-1286)A denial of service flaw was found in the way BIND processed certaincontrol channel input.

A remote attacker able to send a malformed packet tothe control channel could use this flaw to cause named to crash.(CVE-2016-1285)Red Hat would like to thank ISC for reporting these issues.All bind97 users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues.

After installing theupdate, the BIND daemon (named) will be restarted automatically.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux (v. 5 server)

SRPMS:
bind97-9.7.0-21.P2.el5_11.6.src.rpm
    MD5: 48291aa3926c5ead186693557ec521ecSHA-256: 59930c5f0b60f712eebf7e1ab004e814cc35e193b5a6fcdf8e67508c379287ce
 
IA-32:
bind97-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: 83aea91800357154baa85a870a65ac8dSHA-256: 87b3c4367f5dc8808890e9262bbd16a47072453dd9c84611c0b029e8e33621da
bind97-chroot-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: a54a7c26ec7180aa78956eeb7b088356SHA-256: b1203f51e0b1952dd74990faf79698b0676183dba57d633172bcada3bac56d7c
bind97-debuginfo-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: 17f9dc9dc38c20a6259c38ac4fd065dbSHA-256: 3408bd281a8360eb39e7d0418934db15828cc2ca35348b53d09d564417324a89
bind97-devel-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: f765168df3c6fd2bdd4852bea8989a0aSHA-256: f5a67a8dfc9ff57d30545763257973617f33373a37eea42f9af6d7b38867b757
bind97-libs-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: 5b6100db4cef839cfec0d11e8114e051SHA-256: 6f729c1a2cb1e95fae7145a78de34937e95d33885717639be6cd0ec78b0f31f0
bind97-utils-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: fe407eed07ad21f16422b4a6f65f71b6SHA-256: 63073b6c9428064b178061bafe9903d5934d0b102d7793f519beac2668a0312b
 
IA-64:
bind97-9.7.0-21.P2.el5_11.6.ia64.rpm
    MD5: 90ebda66dd8ccbc4eddb21dfc21620adSHA-256: c4903b3c83a785e63e5750e5ac761af01a0eefb30d7d12a5dfd1b8597c4f83e9
bind97-chroot-9.7.0-21.P2.el5_11.6.ia64.rpm
    MD5: 253fb18a88cbedfc8077c55bd49cae08SHA-256: fabc09a3e3fc73b408ec5d20d29c151c380633cd25aff4d021bee7660e677f87
bind97-debuginfo-9.7.0-21.P2.el5_11.6.ia64.rpm
    MD5: f14b5a1183201ba17b7445aaef57fd57SHA-256: 2ed55611ff49d0f689dbd39c5bd65c8563be97f9176f0dd9f062569528213caf
bind97-devel-9.7.0-21.P2.el5_11.6.ia64.rpm
    MD5: c9912369dbbdf8e6ac9d4de8ece819f5SHA-256: 073076f5b8ee587ddf34f02a0dc09714eb033125e7b260bd291cbcf58bd29b72
bind97-libs-9.7.0-21.P2.el5_11.6.ia64.rpm
    MD5: 767087faa5c38726526e469fe0d9f79eSHA-256: 3ed93aeea1c333246f1970c2035d87b587d9d2fe646fe1ed9eb4ae7a60a8ad56
bind97-utils-9.7.0-21.P2.el5_11.6.ia64.rpm
    MD5: 8415d719e41d7ae9785a0591a62201e6SHA-256: eb2881109436d251415c3541ec782526b5fd77376774ff6e498e78e1301997f3
 
PPC:
bind97-9.7.0-21.P2.el5_11.6.ppc.rpm
    MD5: 9506aa338354dfad1e43a59c89f63079SHA-256: 388d8954fe7c97467a2b9ccd75b501da07213c48cd25793a0e176550722f7b86
bind97-chroot-9.7.0-21.P2.el5_11.6.ppc.rpm
    MD5: 1bd0a4e1a1eb2b587882435fee20d249SHA-256: ac26390a3981391807ef4afaa65a58629dd7f944d69262fd060de1839cd89d6f
bind97-debuginfo-9.7.0-21.P2.el5_11.6.ppc.rpm
    MD5: 1a29b6542bc832e17fcb04d63ff0fc5dSHA-256: dd0c5eeeec605482d149c61c64a2a7b871abe5d8a20dd57474c8ec5959b43dd5
bind97-debuginfo-9.7.0-21.P2.el5_11.6.ppc64.rpm
    MD5: b5404733a9992c2f13f8754781efebb9SHA-256: 9e3f2aa90435b3554ec2c4566ea04e21be34c402b08a9c271358e7f2f9f53da3
bind97-devel-9.7.0-21.P2.el5_11.6.ppc.rpm
    MD5: fdf110b367c7fde0d8d4b9b612ac007dSHA-256: 47b1d02a165dd009123e55eb5900bf142a16ac56763d50713eafc9915ceea5f9
bind97-devel-9.7.0-21.P2.el5_11.6.ppc64.rpm
    MD5: b57273796acf9e9192d5868affcdee6cSHA-256: c8d8e02dbdc9677941afa9296c16f8ed8e6e3e26689a6645a0e08f6276de7f2c
bind97-libs-9.7.0-21.P2.el5_11.6.ppc.rpm
    MD5: dfd4ce48d79958f22e6ff80874aac084SHA-256: 8674da4222c0470eebd999ad7129d8369a7cbca85de88e7c3b5557ff827d1848
bind97-libs-9.7.0-21.P2.el5_11.6.ppc64.rpm
    MD5: ba5d00a71ad4983c187d79c9f8d1ae02SHA-256: ad3c7f2790ab4df262e698930170cd387106223a4033919c9b440ab76d38025a
bind97-utils-9.7.0-21.P2.el5_11.6.ppc.rpm
    MD5: 6ae6c031eea5db1bce720c1ced408eefSHA-256: f190b8d09f04b6ce42fe3845e8bd803e56bbd8bcb0b8de07215ccee4766fee49
 
s390x:
bind97-9.7.0-21.P2.el5_11.6.s390x.rpm
    MD5: 8caf999f5d971b917198164f9cd30ad9SHA-256: f75359c2f63af9cf8d5dc724960ef981b0fa3e76559038950b40394b204a015a
bind97-chroot-9.7.0-21.P2.el5_11.6.s390x.rpm
    MD5: 232067591b92eb4c1834bf3358f22c7fSHA-256: 243f8ffea5a29c64862d5946b0a6f93a60304f0b144ee2b2c2cd3e9a0d735766
bind97-debuginfo-9.7.0-21.P2.el5_11.6.s390.rpm
    MD5: 70f8425b58d2c0fb9cca4e184dc488dfSHA-256: 5d87a4298317088abe86c6701861689493949ee6a8703245ca0a79b33a3662f8
bind97-debuginfo-9.7.0-21.P2.el5_11.6.s390x.rpm
    MD5: 291261686c5767e9d47ca35f77503742SHA-256: 8501bc85da10c1fad91528b3af76c109cb316f65d94e2631fa44d266d70f08f8
bind97-devel-9.7.0-21.P2.el5_11.6.s390.rpm
    MD5: df9a7c4347ce19e09607037651838dd0SHA-256: cb51cd0478270edb9c2c5f2a10252dcff2dee4b30305adfb545ca8b8ffb8b13e
bind97-devel-9.7.0-21.P2.el5_11.6.s390x.rpm
    MD5: a75cb430759d1a0f7bda844b7d8d74e1SHA-256: 82355559ab687cd8cd0551f7c7e8045ce3019823b0b0d7dfef6fc28c1f5118d3
bind97-libs-9.7.0-21.P2.el5_11.6.s390.rpm
    MD5: 5a5889d00e19893fe0a0bfc028b2d11eSHA-256: d8a784bb28f11d5633afcb17d07a91d3b888c9fc3cb5b8cb96685aaf53151e05
bind97-libs-9.7.0-21.P2.el5_11.6.s390x.rpm
    MD5: f76cff7e94c3b882c808997db79324d2SHA-256: c7bad20ff753aae996d71d61078f0c57177c285f054f663a4717b8a1ef39682e
bind97-utils-9.7.0-21.P2.el5_11.6.s390x.rpm
    MD5: 8dda095d7589ea2a52ba369e27e51e0eSHA-256: 9b8bd793ebcc267bbf4eb95a84fd87f7dafe66671278045c716856a2b1424895
 
x86_64:
bind97-9.7.0-21.P2.el5_11.6.x86_64.rpm
    MD5: 7631335e3d45e849579cb85bf640cd2bSHA-256: 8c0a16501a4b18ef64981188aa1585fbb64009e0074958e7669503247b8cc072
bind97-chroot-9.7.0-21.P2.el5_11.6.x86_64.rpm
    MD5: dd8c52c3518074e39a67d28b69700514SHA-256: 629c45c71b3354eedfbd4110cb4c289ef4809a36406dbcabf4dcdfdc98130a81
bind97-debuginfo-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: 17f9dc9dc38c20a6259c38ac4fd065dbSHA-256: 3408bd281a8360eb39e7d0418934db15828cc2ca35348b53d09d564417324a89
bind97-debuginfo-9.7.0-21.P2.el5_11.6.x86_64.rpm
    MD5: cc25181df44c63d6661f699024c23f44SHA-256: a8063a66fb2705cce97dd510837d4516d097432024a04554dc9899c969e92c95
bind97-devel-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: f765168df3c6fd2bdd4852bea8989a0aSHA-256: f5a67a8dfc9ff57d30545763257973617f33373a37eea42f9af6d7b38867b757
bind97-devel-9.7.0-21.P2.el5_11.6.x86_64.rpm
    MD5: a9df15dd74a2790f0ad683752e35e9c3SHA-256: f2eeae17dfe8aad1dcbddc58bd26daa13de35303a9290d3f48a2766ae1fc1667
bind97-libs-9.7.0-21.P2.el5_11.6.i386.rpm
    MD5: 5b6100db4cef839cfec0d11e8114e051SHA-256: 6f729c1a2cb1e95fae7145a78de34937e95d33885717639be6cd0ec78b0f31f0
bind97-libs-9.7.0-21.P2.el5_11.6.x86_64.rpm
    MD5: 5a8bbc3c40581b9050ef1e142ae689ffSHA-256: 7102f3614e80e2675a18eb3483616b01d5d488633071cbd7c15702fd13f265dd
bind97-utils-9.7.0-21.P2.el5_11.6.x86_64.rpm
    MD5: e090b6c3d28a7ff7b5353cc6d97d7517SHA-256: bd98b53ab8b971f0bddb6d5498629d26d203883ffcd635f1c10417b55125c80a
 
(The unlinked packages above are only available from the Red Hat Network)

1315674 – CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure1315680 – CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: