openSUSE-SU-2017:3363-1

Опубликовано: 18 дек. 2017

Источник: suse-cvrf

Описание

Security update for pdns-recursor

This update for pdns-recursor fixes the following issues:

CVE-2017-15120: parsing error while handling authoritative answers containing a CNAME of a different class than IN, leading to a recursor crash via a NULL-pointer dereference. (boo#1072170)

Список пакетов

openSUSE Leap 42.3

pdns-recursor-4.0.5-6.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2017-12/msg00077.html
E-Mail link for openSUSE-SU-2017:3363-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service.

Затронутые продукты

openSUSE Leap 42.3:pdns-recursor-4.0.5-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2017-15120.html
CVE-2017-15120
https://bugzilla.suse.com/1072170
SUSE Bug 1072170

openSUSE-SU-2017:3363-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2017-15120

Описание

Затронутые продукты

Ссылки