Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:0111-1

Опубликовано: 11 янв. 2017
Источник: suse-cvrf

Описание

Security update for bind

This update for bind fixes the following issues:

  • Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]

  • Fix a potential assertion failure that could have been triggered by responding to a query with inconsistent DNSSEC information, thereby facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701, bsc#1018699]

  • Fix potential assertion failure that could have been triggered by DNS responses that contain unusually-formed DS resource records, facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1
bind-libs-9.9.9P1-53.1
bind-libs-32bit-9.9.9P1-53.1
bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP2
bind-libs-9.9.9P1-53.1
bind-libs-32bit-9.9.9P1-53.1
bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Server 12 SP1
bind-9.9.9P1-53.1
bind-chrootenv-9.9.9P1-53.1
bind-doc-9.9.9P1-53.1
bind-libs-9.9.9P1-53.1
bind-libs-32bit-9.9.9P1-53.1
bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Server 12 SP2
bind-9.9.9P1-53.1
bind-chrootenv-9.9.9P1-53.1
bind-doc-9.9.9P1-53.1
bind-libs-9.9.9P1-53.1
bind-libs-32bit-9.9.9P1-53.1
bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
bind-9.9.9P1-53.1
bind-chrootenv-9.9.9P1-53.1
bind-doc-9.9.9P1-53.1
bind-libs-9.9.9P1-53.1
bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
bind-9.9.9P1-53.1
bind-chrootenv-9.9.9P1-53.1
bind-doc-9.9.9P1-53.1
bind-libs-9.9.9P1-53.1
bind-libs-32bit-9.9.9P1-53.1
bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
bind-9.9.9P1-53.1
bind-chrootenv-9.9.9P1-53.1
bind-doc-9.9.9P1-53.1
bind-libs-9.9.9P1-53.1
bind-libs-32bit-9.9.9P1-53.1
bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Software Development Kit 12 SP1
bind-devel-9.9.9P1-53.1
SUSE Linux Enterprise Software Development Kit 12 SP2
bind-devel-9.9.9P1-53.1

Ссылки

Описание

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-32bit-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP1:bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP2:bind-libs-32bit-9.9.9P1-53.1
Ссылки

Описание

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-32bit-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP1:bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP2:bind-libs-32bit-9.9.9P1-53.1
Ссылки

Описание

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-32bit-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP1:bind-libs-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP1:bind-utils-9.9.9P1-53.1
SUSE Linux Enterprise Desktop 12 SP2:bind-libs-32bit-9.9.9P1-53.1
Ссылки