openSUSE 13.2 SUSE-SU-2017:0182-1 Important Bind DoS Issues
opensuse
January 17, 2017
An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one errata is no...
Description
This update for bind fixes the following issues:
- Fix a potential assertion failure that could have been triggered by a
malformed response to an ANY query, thereby facilitating a
denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]
- Fix a potential assertion failure that could have been triggered by
responding to a query with inconsistent DNSSEC information, thereby
facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,
bsc#1018699]
- Fix potential assertion failure that could have been triggered by DNS
responses that contain unusually-formed DS resource records,
facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702,
bsc#1018699]
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.2:
zypper in -t patch openSUSE-2017-109=1
To bring your system up-to-date, use "zypper patch".
Package List
- openSUSE 13.2 (i586 x86_64):
bind-9.9.6P1-2.28.1
bind-chrootenv-9.9.6P1-2.28.1
bind-debuginfo-9.9.6P1-2.28.1
bind-debugsource-9.9.6P1-2.28.1
bind-devel-9.9.6P1-2.28.1
bind-libs-9.9.6P1-2.28.1
bind-libs-debuginfo-9.9.6P1-2.28.1
bind-lwresd-9.9.6P1-2.28.1
bind-lwresd-debuginfo-9.9.6P1-2.28.1
bind-utils-9.9.6P1-2.28.1
bind-utils-debuginfo-9.9.6P1-2.28.1
- openSUSE 13.2 (x86_64):
bind-libs-32bit-9.9.6P1-2.28.1
bind-libs-debuginfo-32bit-9.9.6P1-2.28.1
- openSUSE 13.2 (noarch):
bind-doc-9.9.6P1-2.28.1
References
https://www.suse.com/security/cve/CVE-2016-9131.html
https://www.suse.com/security/cve/CVE-2016-9147.html
https://www.suse.com/security/cve/CVE-2016-9444.html
https://bugzilla.suse.com/1018699
https://bugzilla.suse.com/1018700
https://bugzilla.suse.com/1018701
https://bugzilla.suse.com/1018702
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2017:0182-1
Rating: important
Affected Products:
openSUSE 13.2
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!