The Berkeley Internet Name Domain (BIND) is an implementation of the DomainName System (DNS) protocols. BIND includes a DNS server (named); a resolverlibrary (routines for applications to use when interfacing with DNS); andtools for verifying that the DNS server is operating correctly.It was discovered that the bind packages created the "rndc.key" file withinsecure file permissions. This allowed any local user to read the contentof this file. A local user could use this flaw to control some aspects ofthe named daemon by using the rndc utility, for example, stopping the nameddaemon. This problem did not affect systems with the bind-chroot packageinstalled. (CVE-2007-6283)A buffer overflow flaw was discovered in the "inet_network()" function, asimplemented by libbind. An attacker could use this flaw to crash anapplication calling this function, with an argument provided from anuntrusted source. (CVE-2008-0122)As well, these updated packages fix the following bugs:Locating //etc/named.conf failed:[FAILED]This has been resolved in these updated packages.As well, these updated packages add the following enhancements:All users of bind are advised to upgrade to these updated packages, whichresolve these issues and add these enhancements.