Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for bind

This update for bind fixes the following issues:

- Fix a potential assertion failure that could have been triggered by a
malformed response to an ANY query, thereby facilitating a denial-of-service
attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]

- Fix a potential assertion failure that could have been triggered by
responding to a query with inconsistent DNSSEC information, thereby
facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701,
bsc#1018699]

- Fix potential assertion failure that could have been triggered by DNS
responses that contain unusually-formed DS resource records, facilitating a
denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Fixed bugs
bnc#1018700
VUL-0: CVE-2016-9131: bind: malformed response can cause assertion failure during recursion
bnc#1018701
VUL-0: CVE-2016-9147: bind: response containing inconsistent DNSSEC information could cause an assertion failure
bnc#1018702
VUL-0: CVE-2016-9444: bind: unusually-formed DS record response could cause an assertion failure
bnc#1018699
VUL-0: TRACKERBUG: bind: security update January 2017
CVE-2016-9147
CVE-2016-9444
CVE-2016-9131
Selected Binaries
openSUSE Build Service is sponsored by
Places