SciLinux: Important: bind on SL7.x x86_64

    Date05 Jul 2017
    302
    Posted ByLinuxSecurity Advisories
    ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK)rollover during October 2017. Maintaining an up-to-date KSK, by adding thenew root zone KSK, is essential for ensuring that validating DNS resolverscontinue to function following the rollover.
    Synopsis:          Important: bind security and bug fix update
    Advisory ID:       SLSA-2017:1680-1
    Issue Date:        2017-07-05
    CVE Numbers:       CVE-2017-3142
                       CVE-2017-3143
    --
    
    Security Fix(es):
    
    * A flaw was found in the way BIND handled TSIG authentication for dynamic
    updates. A remote attacker able to communicate with an authoritative BIND
    server could use this flaw to manipulate the contents of a zone, by
    forging a valid TSIG or SIG(0) signature for a dynamic update request.
    (CVE-2017-3143)
    
    * A flaw was found in the way BIND handled TSIG authentication of AXFR
    requests. A remote attacker, able to communicate with an authoritative
    BIND server, could use this flaw to view the entire contents of a zone by
    sending a specially constructed request packet. (CVE-2017-3142)
    
    Bug Fix(es):
    
    * ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK)
    rollover during October 2017. Maintaining an up-to-date KSK, by adding the
    new root zone KSK, is essential for ensuring that validating DNS resolvers
    continue to function following the rollover.
    --
    
    SL7
      x86_64
        bind-debuginfo-9.9.4-50.el7_3.1.i686.rpm
        bind-debuginfo-9.9.4-50.el7_3.1.x86_64.rpm
        bind-libs-9.9.4-50.el7_3.1.i686.rpm
        bind-libs-9.9.4-50.el7_3.1.x86_64.rpm
        bind-libs-lite-9.9.4-50.el7_3.1.i686.rpm
        bind-libs-lite-9.9.4-50.el7_3.1.x86_64.rpm
        bind-utils-9.9.4-50.el7_3.1.x86_64.rpm
        bind-9.9.4-50.el7_3.1.x86_64.rpm
        bind-chroot-9.9.4-50.el7_3.1.x86_64.rpm
        bind-devel-9.9.4-50.el7_3.1.i686.rpm
        bind-devel-9.9.4-50.el7_3.1.x86_64.rpm
        bind-lite-devel-9.9.4-50.el7_3.1.i686.rpm
        bind-lite-devel-9.9.4-50.el7_3.1.x86_64.rpm
        bind-pkcs11-9.9.4-50.el7_3.1.x86_64.rpm
        bind-pkcs11-devel-9.9.4-50.el7_3.1.i686.rpm
        bind-pkcs11-devel-9.9.4-50.el7_3.1.x86_64.rpm
        bind-pkcs11-libs-9.9.4-50.el7_3.1.i686.rpm
        bind-pkcs11-libs-9.9.4-50.el7_3.1.x86_64.rpm
        bind-pkcs11-utils-9.9.4-50.el7_3.1.x86_64.rpm
        bind-sdb-9.9.4-50.el7_3.1.x86_64.rpm
        bind-sdb-chroot-9.9.4-50.el7_3.1.x86_64.rpm
      noarch
        bind-license-9.9.4-50.el7_3.1.noarch.rpm
    
    - Scientific Linux Development Team
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Have you used our RSS feeds?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    21
    radio
    [{"id":"77","title":"Yes, for articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"78","title":"Yes, for advisories","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"79","title":"Hybrid that contains both","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"80","title":"No","votes":"0","type":"x","order":"4","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.