Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

SUSE: 2017:0112-1 Important: Bind Denial-of-Service Threats Fixed

suse
Calendar Grey January 12, 2017
Dist Suse Esm H88
SUSE's bind security advisory addresses three issues with important updates and patch instructions for users.
An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one errata is no...

Summary

This update for bind fixes the following issues: - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699] - Fix a potential assertion failure that could have been triggered by responding to a query with inconsistent DNSSEC information, thereby facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701, bsc#1018699] - Fix potential assertion failure that could have been triggered by DNS responses that contain unusually-formed DS resource records, facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699] Patch Instructions: To install this SUSE Security Update use YaST online_update.

References

#1018699 #1018700 #1018701 #1018702

Cross- CVE-2016-9131 CVE-2016-9147 CVE-2016-9444

Affected Products:

SUSE OpenStack Cloud 5

SUSE Manager Proxy 2.1

SUSE Manager 2.1

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-SP3-LTSS

SUSE Linux Enterprise Server 11-SP2-LTSS

SUSE Linux Enterprise Point of Sale 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2016-9131.html

https://www.suse.com/security/cve/CVE-2016-9147.html

https://www.suse.com/security/cve/CVE-2016-9444.html

https://bugzilla.suse.com/1018699

https://bugzilla.suse.com/1018700

https://bugzilla.suse.com/1018701

https://bugzilla.suse.com/1018702

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:0112-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.