1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3511-1] bind9 security update

    From Michael Gilbert@1:229/2 to All on Wed Mar 9 21:40:01 2016
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3511-1 [email protected] https://www.debian.org/security/ Michael Gilbert
    March 09, 2016 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : bind9
    CVE ID : CVE-2016-1285 CVE-2016-1286

    Two vulnerabilites have been discovered in ISC's BIND DNS server.

    CVE-2016-1285

    A maliciously crafted rdnc, a way to remotely administer a BIND server,
    operation can cause named to crash, resulting in denial of service.

    CVE-2016-1286

    An error parsing DNAME resource records can cause named to crash,
    resulting in denial of service.

    For the oldstable distribution (wheezy), these problems have been fixed
    in version 9.8.4.dfsg.P1-6+nmu2+deb7u10.

    For the stable distribution (jessie), these problems have been fixed in
    version 9.9.5.dfsg-9+deb8u6.

    For the testing (stretch) and unstable (sid) distributions, these
    problems will be fixed soon.

    We recommend that you upgrade your bind9 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQQcBAEBCgAGBQJW4IfBAAoJELjWss0C1vRzazMf/1ZculXzFJ55Y552ygS3+uBc n1ZSKa1BTQB7LuZ/wfHY3yDNXkXWQ9Ey5Rnj9QN6zJfOPnXCQ6RlvgNISMb/meHA oOiw9IXtx0uKv5b7VGKGrEiin/l9TDUGVv7Z/d6P4gTjbQo70BdC1+UgLNJWP2jI utUippaTlMto6WeXr8xS0orM7852PDWsSiWjLK216IgsWgUMlfRE1vS/UwSBwN6j xZHl5xhhb2Qs0vORGq//h5Y5umBA92rW6wG1vmOOGGIScYjKIJVH+fYKaJOQl6Y7 aRVpnvdZmSgbU/uglSjhlvx9BICjfsV+cAAvNY0OY3G7bmYMAEtQQThCRheQRSui K2z02qVZ4YAXiyfNjCkrO2J3B1xo7C5kVzGt/hcn7vjeMsfJlTBd/ppcAwWhLYrw BspXLhn122QDjqAS+wL64MtSz9gWKgQi49bEsVNRYmqpt20RBs0stMqU/DHxJhCu L3eCQuuBTzOyD8aTJ2c1KvGi9J8l7+D9TNcvg2BBudDpoyNvpxGz1ppNnzGQENN5 kNR701pSude+8OSFrGnK9JUmt1ap4WNKWaUcIMZG2f9fBm8tdMWgp8iqou+Hiv0A WlX1anODSWiCX5+T1u84AsoNZrYxyOPr6h3cOAEyqy6dJVslJw5xvmsq6x0GYVy+ 84oJVY4sV8WLL4jyqIeWLaAp/GcKKyhD0liEgDrO5GZ/BAVCLCu4466XVNx8mPsc QFLx7vjHv8eF9slrAw6beJ4Qulw/bEefn6OL2PC1Ic1EJSJ2VaHhC4dwhLSduLau DXjbeYBKpk8n5jukTrIrusKqTlgDqtoNC8TRx9giBXUfP9PYexAleO4fMT35UYN3 FKcpwwjLD5wcOjc3aVEhZdaV9rbTcIwuPxXg3qsZLXH5RXn9FwgbyaXvmoxoCsf0 6gyOVF5ZlOuxM2ZoBdVwExZVys8yM0ledJAaChV93CWENRxJKOzO06CcqKRfmJxa aDwza5tcIx6yAFx6990LGFdAns7hPLi245pElO5AU16DNcHSbiSsEIdjt3h3S+/F vJHb9VvghVmO71XaLCxV2fXdsYMNnOKGheEXlC4F4yBPn10di8U57uyB8NKJ8Tgv W9r+6oeh9kVP/4KN8kvLmQWShgFrBPhbsuw3UPz9UnEYiFjlMRuTdP/TaYeroPJs k+Q/+72K69UQizKJ9UtkPoqI2Tn3I7zptDMGRsr5Pmil2+nx8xkRK3VK5BSDqkkK MEeY7zStrxqy/u+J4Uqf9XkgXnLMTkjv9UxFBp8D5e4Ao0Xk/LMo76ZJZuahqYtO fQw1Xbb11+cSBtER67gG48v/2kjHZINqKyIG17/SofTfOusSiLgOCRKgLkrod+8=
    =wSXP
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)