You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa bind

Sigurnosni nedostaci programskog paketa bind

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2017-44e494db1e
2017-04-19 03:08:24.317812
——————————————————————————–

Name : bind99
Product : Fedora 25
Version : 9.9.9
Release : 4.P8.fc25
URL : http://www.isc.org/products/BIND/
Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) libraries
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. This package set contains only export
version of BIND libraries, that are used for building ISC DHCP.

——————————————————————————–
Update Information:

Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138
——————————————————————————–
References:

[ 1 ] Bug #1441125 – CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with “break-dnssec yes;”
https://bugzilla.redhat.com/show_bug.cgi?id=1441125
[ 2 ] Bug #1441133 – CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver
https://bugzilla.redhat.com/show_bug.cgi?id=1441133
[ 3 ] Bug #1441137 – CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received
https://bugzilla.redhat.com/show_bug.cgi?id=1441137
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade bind99’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-ee4b0f53cb
2017-04-19 03:08:24.317744
——————————————————————————–

Name : bind
Product : Fedora 25
Version : 9.10.4
Release : 4.P8.fc25
URL : http://www.isc.org/products/BIND/
Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

——————————————————————————–
Update Information:

Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138
——————————————————————————–
References:

[ 1 ] Bug #1441125 – CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with “break-dnssec yes;”
https://bugzilla.redhat.com/show_bug.cgi?id=1441125
[ 2 ] Bug #1441133 – CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver
https://bugzilla.redhat.com/show_bug.cgi?id=1441133
[ 3 ] Bug #1441137 – CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received
https://bugzilla.redhat.com/show_bug.cgi?id=1441137
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade bind’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorDanijel Kozinovic
Cert idNCERT-REF-2017-04-0093-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa libxml2

Otkriveni su sigurnosni nedostaci u programskom paketu libxml2 za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje XML External...

Close