Описание
Security update for bind
bind was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-5477: Remote DoS via TKEY queries (bsc#939567)
Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling.
Список пакетов
SUSE Linux Enterprise Server 11 SP1-LTSS
bind-9.6ESVR11W1-0.6.1
bind-chrootenv-9.6ESVR11W1-0.6.1
bind-devel-9.6ESVR11W1-0.6.1
bind-doc-9.6ESVR11W1-0.6.1
bind-libs-9.6ESVR11W1-0.6.1
bind-libs-32bit-9.6ESVR11W1-0.6.1
bind-utils-9.6ESVR11W1-0.6.1
SUSE Linux Enterprise Server 11 SP1-TERADATA
bind-9.6ESVR11W1-0.6.1
bind-chrootenv-9.6ESVR11W1-0.6.1
bind-devel-9.6ESVR11W1-0.6.1
bind-doc-9.6ESVR11W1-0.6.1
bind-libs-9.6ESVR11W1-0.6.1
bind-libs-32bit-9.6ESVR11W1-0.6.1
bind-utils-9.6ESVR11W1-0.6.1
Ссылки
- Link for SUSE-SU-2015:1316-1
- E-Mail link for SUSE-SU-2015:1316-1
- SUSE Security Ratings
- SUSE Bug 939567
- SUSE CVE CVE-2015-5477 page
Описание
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:bind-9.6ESVR11W1-0.6.1
SUSE Linux Enterprise Server 11 SP1-LTSS:bind-chrootenv-9.6ESVR11W1-0.6.1
SUSE Linux Enterprise Server 11 SP1-LTSS:bind-devel-9.6ESVR11W1-0.6.1
SUSE Linux Enterprise Server 11 SP1-LTSS:bind-doc-9.6ESVR11W1-0.6.1
Ссылки
- CVE-2015-5477
- SUSE Bug 1000362
- SUSE Bug 939567
- SUSE Bug 980168