Описание
Security update for bind
The nameserver bind was updated to fix a remote denial of service (crash) attack against bind nameservers doing validation on DNSSEC signed records. (CVE-2015-5722, bsc#944066).
Список пакетов
SUSE Linux Enterprise Desktop 11 SP3
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Desktop 11 SP4
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Server 11 SP2-LTSS
bind-9.9.6P1-0.15.1
bind-chrootenv-9.9.6P1-0.15.1
bind-devel-9.9.6P1-0.15.1
bind-doc-9.9.6P1-0.15.1
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Server 11 SP3
bind-9.9.6P1-0.15.1
bind-chrootenv-9.9.6P1-0.15.1
bind-doc-9.9.6P1-0.15.1
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-libs-x86-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
bind-9.9.6P1-0.15.1
bind-chrootenv-9.9.6P1-0.15.1
bind-doc-9.9.6P1-0.15.1
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-libs-x86-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Server 11 SP4
bind-9.9.6P1-0.15.1
bind-chrootenv-9.9.6P1-0.15.1
bind-doc-9.9.6P1-0.15.1
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-libs-x86-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
bind-9.9.6P1-0.15.1
bind-chrootenv-9.9.6P1-0.15.1
bind-doc-9.9.6P1-0.15.1
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-libs-x86-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
bind-9.9.6P1-0.15.1
bind-chrootenv-9.9.6P1-0.15.1
bind-doc-9.9.6P1-0.15.1
bind-libs-9.9.6P1-0.15.1
bind-libs-32bit-9.9.6P1-0.15.1
bind-libs-x86-9.9.6P1-0.15.1
bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Software Development Kit 11 SP3
bind-devel-9.9.6P1-0.15.1
bind-devel-32bit-9.9.6P1-0.15.1
SUSE Linux Enterprise Software Development Kit 11 SP4
bind-devel-9.9.6P1-0.15.1
bind-devel-32bit-9.9.6P1-0.15.1
Ссылки
- Link for SUSE-SU-2015:1480-1
- E-Mail link for SUSE-SU-2015:1480-1
- SUSE Security Ratings
- SUSE Bug 944066
- SUSE CVE CVE-2015-5722 page
Описание
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
Затронутые продукты
SUSE Linux Enterprise Desktop 11 SP3:bind-libs-32bit-9.9.6P1-0.15.1
SUSE Linux Enterprise Desktop 11 SP3:bind-libs-9.9.6P1-0.15.1
SUSE Linux Enterprise Desktop 11 SP3:bind-utils-9.9.6P1-0.15.1
SUSE Linux Enterprise Desktop 11 SP4:bind-libs-32bit-9.9.6P1-0.15.1
Ссылки
- CVE-2015-5722
- SUSE Bug 944066
- SUSE Bug 944107
- SUSE Bug 954983
- SUSE Bug 958861