--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2017-f9f909a7b7
2017-04-19 16:59:44.108313
--------------------------------------------------------------------------------Name        : bind
Product     : Fedora 26
Version     : 9.11.0
Release     : 7.P5.fc26
URL         : Summary     : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

--------------------------------------------------------------------------------Update Information:

Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;"
        https://bugzilla.redhat.com/show_bug.cgi?id=1441125
  [ 2 ] Bug #1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver
        https://bugzilla.redhat.com/show_bug.cgi?id=1441133
  [ 3 ] Bug #1441137 - CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received
        https://bugzilla.redhat.com/show_bug.cgi?id=1441137
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade bind' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 26: bind Security Update 2017-f9f909a7b7

April 19, 2017
Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138

Summary

BIND (Berkeley Internet Name Domain) is an implementation of the DNS

(Domain Name System) protocols. BIND includes a DNS server (named),

which resolves host names to IP addresses; a resolver library

(routines for applications to use when interfacing with DNS); and

tools for verifying that the DNS server is operating properly.

Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138

[ 1 ] Bug #1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;"

https://bugzilla.redhat.com/show_bug.cgi?id=1441125

[ 2 ] Bug #1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver

https://bugzilla.redhat.com/show_bug.cgi?id=1441133

[ 3 ] Bug #1441137 - CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received

https://bugzilla.redhat.com/show_bug.cgi?id=1441137

su -c 'dnf upgrade bind' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2017-f9f909a7b7 2017-04-19 16:59:44.108313 Product : Fedora 26 Version : 9.11.0 Release : 7.P5.fc26 URL : Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138 [ 1 ] Bug #1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;" https://bugzilla.redhat.com/show_bug.cgi?id=1441125 [ 2 ] Bug #1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver https://bugzilla.redhat.com/show_bug.cgi?id=1441133 [ 3 ] Bug #1441137 - CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received https://bugzilla.redhat.com/show_bug.cgi?id=1441137 su -c 'dnf upgrade bind' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 26
Version : 9.11.0
Release : 7.P5.fc26
URL : Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server

Related News

2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved