Extended SummaryBIND vulnerability
Symptomshsphere-bind in H-Sphere 3.4 and 3.4.1 should be updated
CausePresent BIND 9.6-ESV-R3 has vulnerability according to https://www.isc.org/software/bind/advisories/cve-2011-4313
- If you already have the H-Sphere 3.4.1:
To upgrade hsphere-bind package, run the following shell command at CP server:
sh U34.0P1 update hspackages private
NOTE: As usual, if you want to update only some of your physical boxes, you can specify their IP addresses at the end of the command mentioned above, in the following format:
To verify that the package is properly installed, check the installer/updater output (it must say that hsphere-bind version 9.6-5 is installed). You can also check the BIND version on boxes with the following shell command:
The version it displays should be
- Upgrade of hsphere-bind package will change DNS bogon list to that of 15 Aug 2011.
- In order to make future updates private as well, you should assign a new UNIX profile with private updates enabled in it to all your physical boxes.
- If you are currently run H-Sphere 3.4:
sh U34.0 update hspackages private
- If you are currently run H-Sphere 3.3.1:
sh U33.0P1 update hspackages private