Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in BIND
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in BIND
ID: SUSE-SU-2016:0227-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Server 10 SP4 LTSS
Datum: Mo, 25. Januar 2016, 16:53
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722

Originalnachricht

   SUSE Security Update: Security update for bind
______________________________________________________________________________

Announcement ID: SUSE-SU-2016:0227-1
Rating: important
References: #939567 #944066 #958861 #962189
Cross-References: CVE-2015-5477 CVE-2015-5722 CVE-2015-8000
CVE-2015-8704
Affected Products:
SUSE Linux Enterprise Server 10 SP4 LTSS
______________________________________________________________________________

An update that fixes four vulnerabilities is now available.
It includes one version update.

Description:


This update for bind fixes the following issues:

* CVE-2015-8000: Remote denial of service by mis-parsing incoming
responses. (bsc#958861)
* CVE-2015-5722: DoS against servers performing validation on
DNSSEC-signed records. (bsc#944066)
* CVE-2015-5477: DoS against authoritative and recursive servers.
* CVE-2015-8704: Specific APL data could trigger a crash. (bsc#962189)

Security Issues:

* CVE-2015-8000
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000>
* CVE-2015-5722
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722>
* CVE-2015-5477
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477>
* CVE-2015-8704
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704>



Package List:

- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version:
9.6ESVR11P1]:

bind-9.6ESVR11P1-0.18.1
bind-chrootenv-9.6ESVR11P1-0.18.1
bind-devel-9.6ESVR11P1-0.18.1
bind-doc-9.6ESVR11P1-0.18.1
bind-libs-9.6ESVR11P1-0.18.1
bind-utils-9.6ESVR11P1-0.18.1

- SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64) [New Version:
9.6ESVR11P1]:

bind-libs-32bit-9.6ESVR11P1-0.18.1


References:

https://www.suse.com/security/cve/CVE-2015-5477.html
https://www.suse.com/security/cve/CVE-2015-5722.html
https://www.suse.com/security/cve/CVE-2015-8000.html
https://www.suse.com/security/cve/CVE-2015-8704.html
https://bugzilla.suse.com/939567
https://bugzilla.suse.com/944066
https://bugzilla.suse.com/958861
https://bugzilla.suse.com/962189
https://download.suse.com/patch/finder/?keywords=6c9cd85bd7aa9140126fe2cf192d0ac0

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung