Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:1481-1

Опубликовано: 02 сент. 2015
Источник: suse-cvrf

Описание

Security update for bind

The nameserver bind was updated to fix a remote denial of service (crash) attack against bind nameservers doing validation on DNSSEC signed records. (CVE-2015-5722, bsc#944066).

Список пакетов

SUSE Linux Enterprise Desktop 12
bind-libs-9.9.6P1-26.1
bind-libs-32bit-9.9.6P1-26.1
bind-utils-9.9.6P1-26.1
SUSE Linux Enterprise Server 12
bind-9.9.6P1-26.1
bind-chrootenv-9.9.6P1-26.1
bind-doc-9.9.6P1-26.1
bind-libs-9.9.6P1-26.1
bind-libs-32bit-9.9.6P1-26.1
bind-utils-9.9.6P1-26.1
SUSE Linux Enterprise Server for SAP Applications 12
bind-9.9.6P1-26.1
bind-chrootenv-9.9.6P1-26.1
bind-doc-9.9.6P1-26.1
bind-libs-9.9.6P1-26.1
bind-libs-32bit-9.9.6P1-26.1
bind-utils-9.9.6P1-26.1
SUSE Linux Enterprise Software Development Kit 12
bind-devel-9.9.6P1-26.1

Ссылки

Описание

buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.

Затронутые продукты
SUSE Linux Enterprise Desktop 12:bind-libs-32bit-9.9.6P1-26.1
SUSE Linux Enterprise Desktop 12:bind-libs-9.9.6P1-26.1
SUSE Linux Enterprise Desktop 12:bind-utils-9.9.6P1-26.1
SUSE Linux Enterprise Server 12:bind-9.9.6P1-26.1
Ссылки