Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 580
Alerts This Week
Warning Icon 1 580

Fedora 24 Advisory: 2016-9417b4c1dc Critical DNS Threat Identified

fedora
Calendar Grey November 17, 2016
Dist Fedora Esm H88
Urgent security notice for Fedora 24 addressing vulnerabilities CVE-2016-6170 and CVE-2016-8864 linked to BIND libraries.
Allow zone size limit (CVE-2016-6170) ---- Security fix for CVE-2016-8864

Summary

BIND (Berkeley Internet Name Domain) is an implementation of the DNS

(Domain Name System) protocols. This package set contains only export

version of BIND libraries, that are used for building ISC DHCP.

Update Information:

Allow zone size limit (CVE-2016-6170) ---- Security fix for CVE-2016-8864

Change Log

References


[ 1 ] Bug #1353563 - CVE-2016-6170 bind: Improper restriction of zone size limit https://bugzilla.redhat.com/show_bug.cgi?id=1353563 [ 2 ] Bug #1389652 - CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer https://bugzilla.redhat.com/show_bug.cgi?id=1389652

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade bind99' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: bind99
Product: Fedora 24
Version: 9.9.9
Release: 4.P4.fc24
URL: Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) libraries

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.