Fedora 26 2017-f9f909a7b7 Critical: Bind DNS Assertion Issues

BIND (Berkeley Internet Name Domain) is an implementation of the DNS

(Domain Name System) protocols. BIND includes a DNS server (named),

which resolves host names to IP addresses; a resolver library

(routines for applications to use when interfacing with DNS); and

tools for verifying that the DNS server is operating properly.

Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138

[ 1 ] Bug #1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;"

https://bugzilla.redhat.com/show_bug.cgi?id=1441125

[ 2 ] Bug #1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver

https://bugzilla.redhat.com/show_bug.cgi?id=1441133

[ 3 ] Bug #1441137 - CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received

https://bugzilla.redhat.com/show_bug.cgi?id=1441137

su -c 'dnf upgrade bind' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org