Scientific Linux: SLSA-2016:2615-1 Critical Bind Denial of Service Fix

Date: Wed, 14 Dec 2016 17:48:47 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Scott Reid 
Subject: Security ERRATA Important: bind on SL7.x x86_64
MIME-Version: 1.0
Message-ID: <20161214174847.15404.83034@slpackages.fnal.gov>

Synopsis: Important: bind security update
Advisory ID: SLSA-2016:2615-1
Issue Date: 2016-11-03
CVE Numbers: CVE-2016-8864
--

Security Fix(es):

* A denial of service flaw was found in the way BIND handled responses
containing a DNAME answer. A remote attacker could use this flaw to make
named exit unexpectedly with an assertion failure via a specially crafted
DNS response. (CVE-2016-8864)
--

SL7
 x86_64
 bind-debuginfo-9.9.4-38.el7_3.i686.rpm
 bind-debuginfo-9.9.4-38.el7_3.x86_64.rpm
 bind-libs-9.9.4-38.el7_3.i686.rpm
 bind-libs-9.9.4-38.el7_3.x86_64.rpm
 bind-libs-lite-9.9.4-38.el7_3.i686.rpm
 bind-libs-lite-9.9.4-38.el7_3.x86_64.rpm
 bind-utils-9.9.4-38.el7_3.x86_64.rpm
 bind-9.9.4-38.el7_3.x86_64.rpm
 bind-chroot-9.9.4-38.el7_3.x86_64.rpm
 bind-devel-9.9.4-38.el7_3.i686.rpm
 bind-devel-9.9.4-38.el7_3.x86_64.rpm
 bind-lite-devel-9.9.4-38.el7_3.i686.rpm
 bind-lite-devel-9.9.4-38.el7_3.x86_64.rpm
 bind-pkcs11-9.9.4-38.el7_3.x86_64.rpm
 bind-pkcs11-devel-9.9.4-38.el7_3.i686.rpm
 bind-pkcs11-devel-9.9.4-38.el7_3.x86_64.rpm
 bind-pkcs11-libs-9.9.4-38.el7_3.i686.rpm
 bind-pkcs11-libs-9.9.4-38.el7_3.x86_64.rpm
 bind-pkcs11-utils-9.9.4-38.el7_3.x86_64.rpm
 bind-sdb-9.9.4-38.el7_3.x86_64.rpm
 bind-sdb-chroot-9.9.4-38.el7_3.x86_64.rpm
 noarch
 bind-license-9.9.4-38.el7_3.noarch.rpm

- Scientific Linux Development Team