drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in BIND
Name: |
Denial of Service in BIND |
|
ID: |
MDVSA-2015:054 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva Business Server 1.0 |
|
Datum: |
Mi, 4. März 2015, 16:43 |
|
Referenzen: |
http://advisories.mageia.org/MGASA-2015-0082.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 |
|
Applikationen: |
BIND |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1425466487-17399-0
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:054 http://www.mandriva.com/en/support/security/ _______________________________________________________________________
Package : bind Date : March 4, 2015 Affected: Business Server 1.0 _______________________________________________________________________
Problem Description:
Updated bind packages fix security vulnerability: Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives "dnssec-lookaside auto\;" (as enabled in the Mageia default configuration) or "dnssec-validation auto\;" (CVE-2015-1349). _______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349 http://advisories.mageia.org/MGASA-2015-0082.html _______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64: 87d17f8944dfd07774598f951a5e342b mbs1/x86_64/bind-9.9.6.P2-1.mbs1.x86_64.rpm 7cc5d1caba2e2ee6f1a7ed34f57d5734 mbs1/x86_64/bind-devel-9.9.6.P2-1.mbs1.x86_64.rpm 3c58166143183223d74e5213ca5feb1b mbs1/x86_64/bind-doc-9.9.6.P2-1.mbs1.noarch.rpm 22a57fbda0364ea2a8b623c3958d80da mbs1/x86_64/bind-sdb-9.9.6.P2-1.mbs1.x86_64.rpm 14e2df9a464db7af7da97c7ab3fe866d mbs1/x86_64/bind-utils-9.9.6.P2-1.mbs1.x86_64.rpm eb0a296b13c026ae8bdbcf8d2a9199ae mbs1/SRPMS/bind-9.9.6.P2-1.mbs1.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFU9taUmqjQ0CJFipgRAm8dAJ9mWM/Zah+H/QHeBbwwx9DcP54zqwCfZRjn 87ZiU5dQZbf2iCdtu/JkkPA= =t1Cp -----END PGP SIGNATURE-----
------------=_1425466487-17399-0 Content-Type: text/plain; charset="UTF-8"; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://store.mandriva.com _______________________________________________________
------------=_1425466487-17399-0--
|
|
|
|