openSUSE-SU-2016:2406-1

Опубликовано: 28 сент. 2016

Источник: suse-cvrf

Описание

Security update for bind

The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362)

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Список пакетов

openSUSE Leap 42.1

bind-9.9.9P1-39.1

bind-chrootenv-9.9.9P1-39.1

bind-devel-9.9.9P1-39.1

bind-doc-9.9.9P1-39.1

bind-libs-9.9.9P1-39.1

bind-libs-32bit-9.9.9P1-39.1

bind-lwresd-9.9.9P1-39.1

bind-utils-9.9.9P1-39.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2016-09/msg00030.html
E-Mail link for openSUSE-SU-2016:2406-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.

Затронутые продукты

openSUSE Leap 42.1:bind-9.9.9P1-39.1

openSUSE Leap 42.1:bind-chrootenv-9.9.9P1-39.1

openSUSE Leap 42.1:bind-devel-9.9.9P1-39.1

openSUSE Leap 42.1:bind-doc-9.9.9P1-39.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-2776.html
CVE-2016-2776
https://bugzilla.suse.com/1000362
SUSE Bug 1000362
https://bugzilla.suse.com/1001595
SUSE Bug 1001595
https://bugzilla.suse.com/1001597
SUSE Bug 1001597
https://bugzilla.suse.com/1007829
SUSE Bug 1007829

openSUSE-SU-2016:2406-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-2776

Описание

Затронутые продукты

Ссылки