Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2017:0193-1

Опубликовано: 18 янв. 2017
Источник: suse-cvrf

Описание

Security update for bind

This update for bind fixes the following issues:

  • Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]

  • Fix a potential assertion failure that could have been triggered by responding to a query with inconsistent DNSSEC information, thereby facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701, bsc#1018699]

  • Fix potential assertion failure that could have been triggered by DNS responses that contain unusually-formed DS resource records, facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Список пакетов

openSUSE Leap 42.1
bind-9.9.9P1-43.1
bind-chrootenv-9.9.9P1-43.1
bind-devel-9.9.9P1-43.1
bind-doc-9.9.9P1-43.1
bind-libs-9.9.9P1-43.1
bind-libs-32bit-9.9.9P1-43.1
bind-lwresd-9.9.9P1-43.1
bind-utils-9.9.9P1-43.1
openSUSE Leap 42.2
bind-9.9.9P1-43.1
bind-chrootenv-9.9.9P1-43.1
bind-devel-9.9.9P1-43.1
bind-doc-9.9.9P1-43.1
bind-libs-9.9.9P1-43.1
bind-libs-32bit-9.9.9P1-43.1
bind-lwresd-9.9.9P1-43.1
bind-utils-9.9.9P1-43.1

Ссылки

Описание

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.

Затронутые продукты
openSUSE Leap 42.1:bind-9.9.9P1-43.1
openSUSE Leap 42.1:bind-chrootenv-9.9.9P1-43.1
openSUSE Leap 42.1:bind-devel-9.9.9P1-43.1
openSUSE Leap 42.1:bind-doc-9.9.9P1-43.1
Ссылки

Описание

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.

Затронутые продукты
openSUSE Leap 42.1:bind-9.9.9P1-43.1
openSUSE Leap 42.1:bind-chrootenv-9.9.9P1-43.1
openSUSE Leap 42.1:bind-devel-9.9.9P1-43.1
openSUSE Leap 42.1:bind-doc-9.9.9P1-43.1
Ссылки

Описание

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.

Затронутые продукты
openSUSE Leap 42.1:bind-9.9.9P1-43.1
openSUSE Leap 42.1:bind-chrootenv-9.9.9P1-43.1
openSUSE Leap 42.1:bind-devel-9.9.9P1-43.1
openSUSE Leap 42.1:bind-doc-9.9.9P1-43.1
Ссылки
Уязвимость openSUSE-SU-2017:0193-1