drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in BIND
Name: |
Denial of Service in BIND |
|
ID: |
FEDORA-2015-2548 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
Do, 5. März 2015, 16:34 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 |
|
Applikationen: |
BIND |
|
Originalnachricht |
Name : bind Product : Fedora 20 Version : 9.9.4 Release : 18.P2.fc20 URL : http://www.isc.org/products/BIND/ Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly.
------------------------------------------------------------------------------- - Update Information:
CVE-2015-1349 ------------------------------------------------------------------------------- - ChangeLog:
* Mon Feb 23 2015 Tomas Hozza <thozza@redhat.com> 32:9.9.4-18.P2 - Include fix for CVE-2015-1349 * Wed Dec 10 2014 Tomas Hozza <thozza@redhat.com> 32:9.9.4-17.P2 - Fix CVE-2014-8500 (#1171913) * Fri Nov 14 2014 Tomas Hozza <thozza@redhat.com> 32:9.9.4-16.P2 - All dependencies are now architecture specific - bind-utils now requires explicit version of bind-libs - Fixed systemctl path in logrotate configuration (#1148360) * Fri Jul 18 2014 Tomas Hozza <thozza@redhat.com> 32:9.9.4-15.P2 - Rework the chroot creation/destruction workflow (#1097671) * Fri Jul 18 2014 Tomas Hozza <thozza@redhat.com> 32:9.9.4-14.P2 - Use network-online.target instead of network.target (#1117086) * Mon Jun 9 2014 Tomas Hozza <thozza@redhat.com> 32:9.9.4-13.P2 - Use /dev/urandom for generation of rndc.key (#1079799) * Wed Mar 5 2014 Tomas Hozza <thozza@redhat.tom> 32:9.9.4-12.P2 - dlz_dlopen driver could return the wrong error leading to a segfault (#1052781) - Fix race condition when freeing fetch object (ISC-Bugs #35385) * Tue Jan 14 2014 Tomas Hozza <thozza@redhat.com> 32:9.9.4-11.P2 - Update to 9.9.4-P2 due to CVE-2014-0591 * Wed Dec 18 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.4-10 - Fix crash in rbtdb after two sucessive getoriginnode() calls * Thu Nov 28 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.4-9 - Fixed memory leak in nsupdate if 'realm' was used multiple times (#984687) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1193820 - CVE-2015-1349 bind: issue in trust anchor management can cause named to crash https://bugzilla.redhat.com/show_bug.cgi?id=1193820 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update bind' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|