Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 493
Alerts This Week
Warning Icon 1 493

Ubuntu 18.04: 2021-003a245697 High: OpenSSH User Enumeration Vulnerability

fedora
Calendar Grey July 12, 2017
Dist Fedora Esm H88
Fedora 24 has rolled out a security patch to tackle BIND vulnerabilities, particularly concerning unauthorized intrusions and recursive loops. To apply the update, use the dnf command.
Update back to ISC supported version

Summary

BIND (Berkeley Internet Name Domain) is an implementation of the DNS

(Domain Name System) protocols. BIND includes a DNS server (named),

which resolves host names to IP addresses; a resolver library

(routines for applications to use when interfacing with DNS); and

tools for verifying that the DNS server is operating properly.

Update back to ISC supported version. Security fix for CVE-2017-3143,

CVE-2017-3142, CVE-2017-3140

[ 1 ] Bug #1466193 - CVE-2017-3143 bind: An error in TSIG authentication can permit unauthorized dynamic updates

https://bugzilla.redhat.com/show_bug.cgi?id=1466193

[ 2 ] Bug #1461302 - CVE-2017-3140 bind: Error processing RPZ rules leads to endless loop while handling query

https://bugzilla.redhat.com/show_bug.cgi?id=1461302

[ 3 ] Bug #1466189 - CVE-2017-3142 bind: An error in TSIG authentication can permit unauthorized zone transfers

https://bugzilla.redhat.com/show_bug.cgi?id=1466189

su -c 'dnf upgrade bind' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Product: Fedora 24
Version: 9.10.5
Release: 2.P2.fc24
URL: Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.