SUSE-SU-2017:0595-1

Опубликовано: 02 мар. 2017

Источник: suse-cvrf

Описание

Security update for bind

This update for bind fixes the following issues:

Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130)

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

SUSE Linux Enterprise Server 11 SP3-LTSS

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-libs-32bit-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

SUSE Linux Enterprise Server 11 SP3-TERADATA

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-libs-32bit-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

SUSE Linux Enterprise Server 11 SP4

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-libs-32bit-9.9.6P1-0.39.1

bind-libs-x86-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-libs-32bit-9.9.6P1-0.39.1

bind-libs-x86-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

SUSE Linux Enterprise Software Development Kit 11 SP4

bind-devel-9.9.6P1-0.39.1

bind-devel-32bit-9.9.6P1-0.39.1

SUSE Manager 2.1

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-libs-32bit-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

SUSE Manager Proxy 2.1

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-libs-32bit-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

SUSE OpenStack Cloud 5

bind-9.9.6P1-0.39.1

bind-chrootenv-9.9.6P1-0.39.1

bind-doc-9.9.6P1-0.39.1

bind-libs-9.9.6P1-0.39.1

bind-libs-32bit-9.9.6P1-0.39.1

bind-utils-9.9.6P1-0.39.1

Ссылки

https://www.suse.com/support/update/announcement/2017/suse-su-20170595-1/
Link for SUSE-SU-2017:0595-1
https://lists.suse.com/pipermail/sle-security-updates/2017-March/002673.html
E-Mail link for SUSE-SU-2017:0595-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1024130
SUSE Bug 1024130
https://www.suse.com/security/cve/CVE-2017-3135/
SUSE CVE CVE-2017-3135 page

Описание

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.

Затронутые продукты

SUSE Linux Enterprise Point of Sale 11 SP3:bind-9.9.6P1-0.39.1

SUSE Linux Enterprise Point of Sale 11 SP3:bind-chrootenv-9.9.6P1-0.39.1

SUSE Linux Enterprise Point of Sale 11 SP3:bind-doc-9.9.6P1-0.39.1

SUSE Linux Enterprise Point of Sale 11 SP3:bind-libs-9.9.6P1-0.39.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-3135.html
CVE-2017-3135
https://bugzilla.suse.com/1018700
SUSE Bug 1018700
https://bugzilla.suse.com/1018701
SUSE Bug 1018701
https://bugzilla.suse.com/1018702
SUSE Bug 1018702
https://bugzilla.suse.com/1024130
SUSE Bug 1024130
https://bugzilla.suse.com/1033466
SUSE Bug 1033466

SUSE-SU-2017:0595-1

Описание

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

SUSE Linux Enterprise Server 11 SP3-LTSS

SUSE Linux Enterprise Server 11 SP3-TERADATA

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP4

SUSE Linux Enterprise Software Development Kit 11 SP4

SUSE Manager 2.1

SUSE Manager Proxy 2.1

SUSE OpenStack Cloud 5

Ссылки

Уязвимость: CVE-2017-3135

Описание

Затронутые продукты

Ссылки