Server Software Update Notification: 07-18-2008
The following updates were completed on 7/15/2008 on all VPS/MPS servers:
Linux MPS/VPS:
- DNS
- The BIND implementation of the DNS protocol will be updated to address DNS cache poisoning vulnerabilities, discussed here:
http://www.kb.cert.org/vuls/id/800113
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447
The local caching nameserver will be restarted as part of this update. No action needed.
FreeBSD MPS/VPS v3:
- DNS
- The BIND implementation of the DNS protocol will be updated to address DNS cache poisoning vulnerabilities, discussed here:
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
http://www.kb.cert.org/vuls/id/800113
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447
The local caching nameserver will be restarted as part of this update. No action needed.
FreeBSD MPS/VPS v2:
- DNS
- The BIND implementation of the DNS protocol will be updated to address DNS cache poisoning vulnerabilities, discussed here:
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
http://www.kb.cert.org/vuls/id/800113
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447
The local caching nameserver will be restarted as part of this update. No action needed.
FreeBSD MPS/VPS v1:
- DNS
- The BIND implementation of the DNS protocol will be updated to address DNS cache poisoning vulnerabilities, discussed here:
http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
http://www.kb.cert.org/vuls/id/800113
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447
The local caching nameserver will be restarted as part of this update. No action needed.
Solaris MPS/VPS v1:
- DNS
- The BIND implementation of the DNS protocol will be updated to address DNS cache poisoning vulnerabilities, discussed here:
http://www.kb.cert.org/vuls/id/800113
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1447
The local caching nameserver will be restarted as part of this update. No action needed.
Signature:
The following notice describes an emergency change that occurred July 17th for all Signature servers. This update is classified
as “No Action Needed.”
- DNS BIND Replaced by a DNS Cache Solution
- We are replacing the caching nameserver software used on all Signature servers. We are deprecating DNS BIND due to a
current security threat affecting caching nameservers. We are replacing BIND with a dnscache solution that is not vulnerable
to this exploit.
The following notice describes an emergency change that occurred July 16th for all Signature servers. This update is classified
as “No Action Needed.”
- PHP Versioning GUI and Help Updates
- We are updating several files to ensure that the php Version Switch feature works as designed, and created help files to
support this new feature.
The advantage of this change is that the customer user experience is enhanced by the product changes and the additional help
files. The following files were changed or added:
- /usr/local/cp-v4.14/templates/default/website/phpversion.xml \
- /usr/local/cp-v4.14/help/ja_JP/utilities/changing_the_php_version.xml \
- /usr/local/apache_1.3.37/conf/rlimitmem.hosts \
/usr/local/cp-
- v4.14/help/en_US/help_toc.xml \
/usr/local/cp-v4.14/help/ja_JP/help_toc.xml \
- /usr/local/cp-v4.14/templates/default/help/help_global.xsl \
 Note: This
notification could include technical inaccuracies or typographical errors. Changes can be made to the information herein;
these changes will be distributed in new notifications. AlpineWeb might make improvements and/or changes in the product(s)
and/or the program(s) described in this publication at any time.
|
|
