Описание
Security update for bind
This update for bind fixes the following issues:
- Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
Список пакетов
openSUSE Leap 42.1
bind-9.9.9P1-46.1
bind-chrootenv-9.9.9P1-46.1
bind-devel-9.9.9P1-46.1
bind-doc-9.9.9P1-46.1
bind-libs-9.9.9P1-46.1
bind-libs-32bit-9.9.9P1-46.1
bind-lwresd-9.9.9P1-46.1
bind-utils-9.9.9P1-46.1
openSUSE Leap 42.2
bind-9.9.9P1-46.1
bind-chrootenv-9.9.9P1-46.1
bind-devel-9.9.9P1-46.1
bind-doc-9.9.9P1-46.1
bind-libs-9.9.9P1-46.1
bind-libs-32bit-9.9.9P1-46.1
bind-lwresd-9.9.9P1-46.1
bind-utils-9.9.9P1-46.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0620-1
- SUSE Security Ratings
Описание
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
Затронутые продукты
openSUSE Leap 42.1:bind-9.9.9P1-46.1
openSUSE Leap 42.1:bind-chrootenv-9.9.9P1-46.1
openSUSE Leap 42.1:bind-devel-9.9.9P1-46.1
openSUSE Leap 42.1:bind-doc-9.9.9P1-46.1
Ссылки
- CVE-2017-3135
- SUSE Bug 1018700
- SUSE Bug 1018701
- SUSE Bug 1018702
- SUSE Bug 1024130
- SUSE Bug 1033466