drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in BIND
| Name: |
Denial of Service in BIND |
|
| ID: |
MDVSA-2015:054 |
|
| Distribution: |
Mandriva |
|
| Plattformen: |
Mandriva Business Server 1.0 |
|
| Datum: |
Mi, 4. März 2015, 16:43 |
|
| Referenzen: |
http://advisories.mageia.org/MGASA-2015-0082.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 |
|
| Applikationen: |
BIND |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1425466487-17399-0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:054
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : bind
Date : March 4, 2015
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Updated bind packages fix security vulnerability:
Jan-Piet Mens discovered that the BIND DNS server would crash when
processing an invalid DNSSEC key rollover, either due to an error
on the zone operator's part, or due to interference with network
traffic by an attacker. This issue affects configurations with the
directives "dnssec-lookaside auto\;" (as enabled in the
Mageia default
configuration) or "dnssec-validation auto\;"
(CVE-2015-1349).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349
http://advisories.mageia.org/MGASA-2015-0082.html
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64:
87d17f8944dfd07774598f951a5e342b mbs1/x86_64/bind-9.9.6.P2-1.mbs1.x86_64.rpm
7cc5d1caba2e2ee6f1a7ed34f57d5734
mbs1/x86_64/bind-devel-9.9.6.P2-1.mbs1.x86_64.rpm
3c58166143183223d74e5213ca5feb1b
mbs1/x86_64/bind-doc-9.9.6.P2-1.mbs1.noarch.rpm
22a57fbda0364ea2a8b623c3958d80da
mbs1/x86_64/bind-sdb-9.9.6.P2-1.mbs1.x86_64.rpm
14e2df9a464db7af7da97c7ab3fe866d
mbs1/x86_64/bind-utils-9.9.6.P2-1.mbs1.x86_64.rpm
eb0a296b13c026ae8bdbcf8d2a9199ae mbs1/SRPMS/bind-9.9.6.P2-1.mbs1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFU9taUmqjQ0CJFipgRAm8dAJ9mWM/Zah+H/QHeBbwwx9DcP54zqwCfZRjn
87ZiU5dQZbf2iCdtu/JkkPA=
=t1Cp
-----END PGP SIGNATURE-----
------------=_1425466487-17399-0
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________
------------=_1425466487-17399-0--
|
|
|
|
