Описание
ELSA-2014-0043: bind security update (MODERATE)
[32:9.8.2-0.23.rc1.1]
- Fix CVE-2014-0591
[32:9.8.2-0.23.rc1]
- Fix gssapictx memory leak (#911167)
[32:9.8.2-0.22.rc1]
- fix CVE-2013-4854
[32:9.8.2-0.21.rc1]
- fix CVE-2013-2266
- ship dns/rrl.h in -devel subpkg
[32:9.8.2-0.20.rc1]
- remove one bogus file from /usr/share/doc, introduced by RRL patch
[32:9.8.2-0.19.rc1]
- fix CVE-2012-5689
[32:9.8.2-0.18.rc1]
- add response rate limit patch (#873624)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
bind
9.8.2-0.23.rc1.el6_5.1
bind-chroot
9.8.2-0.23.rc1.el6_5.1
bind-devel
9.8.2-0.23.rc1.el6_5.1
bind-libs
9.8.2-0.23.rc1.el6_5.1
bind-sdb
9.8.2-0.23.rc1.el6_5.1
bind-utils
9.8.2-0.23.rc1.el6_5.1
Oracle Linux i686
bind
9.8.2-0.23.rc1.el6_5.1
bind-chroot
9.8.2-0.23.rc1.el6_5.1
bind-devel
9.8.2-0.23.rc1.el6_5.1
bind-libs
9.8.2-0.23.rc1.el6_5.1
bind-sdb
9.8.2-0.23.rc1.el6_5.1
bind-utils
9.8.2-0.23.rc1.el6_5.1
Связанные CVE
Связанные уязвимости
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.
The query_findclosestnsec3 function in query.c in named in ISC BIND 9. ...
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.