SUSE Security Update: Security update for bind ______________________________________________________________________________
Announcement ID: SUSE-SU-2016:0227-1 Rating: important References: #939567 #944066 #958861 #962189 Cross-References: CVE-2015-5477 CVE-2015-5722 CVE-2015-8000 CVE-2015-8704 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________
An update that fixes four vulnerabilities is now available. It includes one version update.
Description:
This update for bind fixes the following issues:
* CVE-2015-8000: Remote denial of service by mis-parsing incoming responses. (bsc#958861) * CVE-2015-5722: DoS against servers performing validation on DNSSEC-signed records. (bsc#944066) * CVE-2015-5477: DoS against authoritative and recursive servers. * CVE-2015-8704: Specific APL data could trigger a crash. (bsc#962189)