Article ID: 127807, created on Dec 20, 2015, last review on Dec 20, 2015

  • Applies to:
  • Plesk Automation 11.5


In Plesk Automation uses BIND package 9.8.2 for providing DNS hosting. This version of BIND is vulnerable to CVE-2012-1667

How can we update BIND package to secured version, for example bind-9.10.3?


Plesk Automation uses default CentOS/RHEL repository to install system packages. All packages in RHEL are maintained and supported by RedHat from the release of the major version for 10 years so CentOS 5 will receive security updates until 2017, CentOS 6 until 2020.

RedHat have a policy of taking the fix from the code from later versions and backporting it to the version that was originally released and keeping the version number the same. So you can check that vulnerability CVE-2012-1667 was fixed in bind-9.8.2-0.37.rc1.el6_7.4.x86_64 package by following command:

[root@pa115mn ~]# yum info bind
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base:
 * extras:
 * updates:
Installed Packages
Name        : bind
Arch        : x86_64
Epoch       : 32
Version     : 9.8.2
Release     : 0.37.rc1.el6_7.4
Size        : 7.3 M
Repo        : installed
Summary     : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
URL         :
License     : ISC
Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS
            : (Domain Name System) protocols. BIND includes a DNS server (named),
            : which resolves host names to IP addresses; a resolver library
            : (routines for applications to use when interfacing with DNS); and
            : tools for verifying that the DNS server is operating properly.

[root@pa115mn ~]# rpm -q bind-9.8.2-0.37.rc1.el6_7.4.x86_64 --changelog bind | grep CVE-2012-1667
- fix CVE-2012-1667
- fix CVE-2012-1667

It means that hotfix for CVE-2012-1667 was included in installed BIND package and it's not needed to perform additional actions to close this vulnerability.

In other case you can use yum update bind package to install latest package updates.

NOTE: please make sure that bind package updates will be installed from default CentOS/RHEL repositories.

33a70544d00d562bbc5b17762c4ed2b3 caea8340e2d186a540518d08602aa065 e0aff7830fa22f92062ee4db78133079

Email subscription for changes to this article
Save as PDF