Описание
Security update for bind
The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362)
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE Linux Enterprise Server 11 SP2-LTSS
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-devel-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE Linux Enterprise Server 11 SP3-LTSS
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE Linux Enterprise Server 11 SP4
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-libs-x86-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-libs-x86-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE Linux Enterprise Software Development Kit 11 SP4
bind-devel-9.9.6P1-0.30.1
bind-devel-32bit-9.9.6P1-0.30.1
SUSE Manager 2.1
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE Manager Proxy 2.1
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
SUSE OpenStack Cloud 5
bind-9.9.6P1-0.30.1
bind-chrootenv-9.9.6P1-0.30.1
bind-doc-9.9.6P1-0.30.1
bind-libs-9.9.6P1-0.30.1
bind-libs-32bit-9.9.6P1-0.30.1
bind-utils-9.9.6P1-0.30.1
Ссылки
- Link for SUSE-SU-2016:2405-1
- E-Mail link for SUSE-SU-2016:2405-1
- SUSE Security Ratings
- SUSE Bug 1000362
- SUSE CVE CVE-2016-2776 page
Описание
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:bind-9.9.6P1-0.30.1
SUSE Linux Enterprise Point of Sale 11 SP3:bind-chrootenv-9.9.6P1-0.30.1
SUSE Linux Enterprise Point of Sale 11 SP3:bind-doc-9.9.6P1-0.30.1
SUSE Linux Enterprise Point of Sale 11 SP3:bind-libs-9.9.6P1-0.30.1
Ссылки
- CVE-2016-2776
- SUSE Bug 1000362
- SUSE Bug 1001595
- SUSE Bug 1001597
- SUSE Bug 1007829