Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
patchinfo.5084
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.5084
<patchinfo incident="5084"> <issue id="1046554" tracker="bnc">CVE-2017-3142: bind: An error in TSIG authentication can permit unauthorized zone transfers</issue> <issue id="1046555" tracker="bnc">CVE-2017-3143: bind: An error in TSIG authentication can permit unauthorized dynamic updates</issue> <issue id="2017-3142" tracker="cve" /> <issue id="2017-3143" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>psimons</packager> <description>This update for bind fixes the following issues: - An attacker with the ability to send and receive messages to an authoritative DNS server was able to circumvent TSIG authentication of AXFR requests. A server that relied solely on TSIG keys for protection could be manipulated into (1) providing an AXFR of a zone to an unauthorized recipient and (2) accepting bogus Notify packets. [bsc#1046554, CVE-2017-3142] - An attacker who with the ability to send and receive messages to an authoritative DNS server and who had knowledge of a valid TSIG key name for the zone and service being targeted was able to manipulate BIND into accepting an unauthorized dynamic update. [bsc#1046555, CVE-2017-3143] </description> <summary>Security update for bind</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor