Описание
Security update for bind
bind was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5477: Remote DoS via TKEY queries (bsc#939567)
Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling.
Список пакетов
SUSE Linux Enterprise Desktop 12
bind-libs-9.9.6P1-23.1
bind-libs-32bit-9.9.6P1-23.1
bind-utils-9.9.6P1-23.1
SUSE Linux Enterprise Server 12
bind-9.9.6P1-23.1
bind-chrootenv-9.9.6P1-23.1
bind-doc-9.9.6P1-23.1
bind-libs-9.9.6P1-23.1
bind-libs-32bit-9.9.6P1-23.1
bind-utils-9.9.6P1-23.1
SUSE Linux Enterprise Server for SAP Applications 12
bind-9.9.6P1-23.1
bind-chrootenv-9.9.6P1-23.1
bind-doc-9.9.6P1-23.1
bind-libs-9.9.6P1-23.1
bind-libs-32bit-9.9.6P1-23.1
bind-utils-9.9.6P1-23.1
SUSE Linux Enterprise Software Development Kit 12
bind-devel-9.9.6P1-23.1
Ссылки
- Link for SUSE-SU-2015:1305-1
- E-Mail link for SUSE-SU-2015:1305-1
- SUSE Security Ratings
- SUSE Bug 939567
- SUSE CVE CVE-2015-5477 page
Описание
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:bind-libs-32bit-9.9.6P1-23.1
SUSE Linux Enterprise Desktop 12:bind-libs-9.9.6P1-23.1
SUSE Linux Enterprise Desktop 12:bind-utils-9.9.6P1-23.1
SUSE Linux Enterprise Server 12:bind-9.9.6P1-23.1
Ссылки
- CVE-2015-5477
- SUSE Bug 1000362
- SUSE Bug 939567
- SUSE Bug 980168