Article ID: 112855, created on Nov 21, 2011, last review on Aug 12, 2014

  • Applies to:
  • H-Sphere 3.5 SPU

Symptoms

hsphere-bind in H-Sphere 3.5 SPU should be updated

Cause

Present BIND 9.6-ESV-R3 has vulnerability according to https://www.isc.org/software/bind/advisories/cve-2011-4313

Resolution

  1. If you already have the H-Sphere 3.5 SPU installed: simple update
Upgrade hsphere-bind to version 9.6-5, containing BIND 9.6-ESV-R5-P1.
 
To upgrade hsphere-bind package, run the following shell command at CP server:
sh U35.0.priv update hspackages private
NOTE: As usual, if you want to update only some of your physical boxes, you can specify their IP addresses at the end of the command mentioned above, in the following format:
ips=IP1,IP2,...
 
To verify that the package is properly installed, check the installer/updater output (it must say that hsphere-bind version 9.6-5 is installed). You can also check the BIND version on boxes with the following shell command:
named -v
The version it displays should be
BIND 9.6-ESV-R5-P1
 
  1. If you are currently run H-Sphere 3.5 without the SPU: update to H-Sphere 3.5 SPU
Use installer/updater script: http://download.hsphere.parallels.com/shiv/HS/releases/U35.0/U35.0/U35.0.priv as described in the release notes: http://downloads.hsphere.com/release_notes/3.5.0/hs35spu.html

Additional information about H-Sphere 3.5 SPU https://kb.odin.com/en/112219

7f922a4e770ce85df792db1005dd3733 f213b9fa8759d57bee5d547445806fe7 f51a27b0a406fdfb3fcda8033c7f914d 6311ae17c1ee52b36e68aaf4ad066387

Email subscription for changes to this article
Save as PDF