SciLinux: 2016:2142-1 Important: bind97 DoS Flaw Update

Date: Thu, 3 Nov 2016 16:12:55 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: bind97 on SL5.x i386/x86_64
MIME-Version: 1.0
Message-ID: <20161103161255.22432.2476@slpackages.fnal.gov>

Synopsis: Important: bind97 security update
Advisory ID: SLSA-2016:2142-1
Issue Date: 2016-11-02
CVE Numbers: CVE-2016-8864
--

Security Fix(es):

* A denial of service flaw was found in the way BIND handled responses
containing a DNAME answer. A remote attacker could use this flaw to make
named exit unexpectedly with an assertion failure via a specially crafted
DNS response. (CVE-2016-8864)
--

SL5
 x86_64
 bind97-9.7.0-21.P2.el5_11.9.x86_64.rpm
 bind97-chroot-9.7.0-21.P2.el5_11.9.x86_64.rpm
 bind97-debuginfo-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-debuginfo-9.7.0-21.P2.el5_11.9.x86_64.rpm
 bind97-devel-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-devel-9.7.0-21.P2.el5_11.9.x86_64.rpm
 bind97-libs-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-libs-9.7.0-21.P2.el5_11.9.x86_64.rpm
 bind97-utils-9.7.0-21.P2.el5_11.9.x86_64.rpm
 i386
 bind97-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-chroot-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-debuginfo-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-devel-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-libs-9.7.0-21.P2.el5_11.9.i386.rpm
 bind97-utils-9.7.0-21.P2.el5_11.9.i386.rpm

- Scientific Linux Development Team