You are here
Home > Preporuke > Ranjivost programskog paketa bind9

Ranjivost programskog paketa bind9

  • Detalji os-a: LDE
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-3449-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
January 19, 2016 https://www.debian.org/security/faq
– ————————————————————————-

Package : bind9
CVE ID : CVE-2015-8704

It was discovered that specific APL RR data could trigger an INSIST
failure in apl_42.c and cause the BIND DNS server to exit, leading to a
denial-of-service.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9.

For the stable distribution (jessie), this problem has been fixed in
version 1:9.9.5.dfsg-9+deb8u5.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJWnp/jAAoJEAVMuPMTQ89E180QAIeJ/iEoF9HCtcUrkC0eBL/e
/YXFKTW11jMzCGK6Q31jglKfs7DZzA67TxCi2fstwQqwlGON/mB/Nowc1ihF1aso
k24emGiBLRHQxBvptKN6wMZYpqUMnNpVybhD6/CRsscH+5PsD5ZQ9yQcn+it4bx1
lkasndFxygkp7t2nZvgOD49oQHy/n82IVNiHumbiOag5PIEDYrTvMMfHBy/1TxNX
Y6njcPdOV8/5zfvVMBo93i3lF32UzO2Bffm1uF4ye+Nm7BVZ3Q7hDf65U14sHQMR
RF2jy+vsAHtBeyOLezrEZoPRZnj+C6aV+xfiTdxNUUpeoZ5sbbmgXJ0kUzgn7UoL
q1nqf0ZrhZ2Ztj/mPBUSNCagjuM/8L1qe4AN4VF1+oAWtmODZiEk0jUDXpGNHARf
p1wLHk0wlsAvj2rLlP2JnAup3J8XLdDSPCgQcyOrWWXK9lW5jWRATqxJw2EfSKrg
asNjLKxZv6XlNPdw+AiA+91yX2MbktnFIZiK4f8vlFieSFNDmdKGT2ZDGkUvywLi
pIsje6AcHAwL9dJ/eNzCraFRpnnEHB6WGsVuEvUsMh6udk+d3gyiFrAnlm1e7ojI
b9rfBBNIMWmQ9EbHqBtBi7VDkNXQZB8KKPvzJdryqt2VZBxqTWL/tL6hmK+ChDIY
yOfHZrumRzImPkp9GvF9
=0lEC
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2016-01-0022-ADV
CveCVE-2015-8704
ID izvornikaDSA-3449-1
Proizvodbind9
Izvorhttp://www.debian.org
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa bind9

Otkriven je sigurnosni nedostatak u programskom paketu bind9. Otkriveni nedostatak je uzrokovan neispravnim rukovanjem određenim APL podacima. Potencijalnim napadačima omogućuje...

Close