Mandriva Update for bind MDKSA-2007:030 (bind)

Solution
Please Install the Updated Packages.
Insight
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to &quot dereference a freed fetch context.&quot (CVE-2007-0493) ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error. (CVE-2007-0494) The updated packages have been patched to correct these issues.
Affected
bind on Mandriva Linux 2006.0, Mandriva Linux 2006.0/X86_64, Mandriva Linux 2007.0, Mandriva Linux 2007.0/X86_64