GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sun Oct 18, 2015 8:26 pm Post subject: [ glsa 201510-01 ] bind |
|
|
Gentoo Linux Security Advisory
Title: BIND: Denial of Service (GLSA 201510-01)
Severity: normal
Exploitable: remote
Date: October 18, 2015
Bug(s): #540640, #553584, #556150, #559462
ID: 201510-01
Synopsis
A vulnerability in BIND could lead to a Denial of Service
condition.
Background
BIND (Berkeley Internet Name Domain) is a Name Server.
Affected Packages
Package: net-dns/bind
Vulnerable: < 9.10.2_p4
Unaffected: >= 9.10.2_p4
Architectures: All supported architectures
Description
A vulnerability has been discovered in BIND’s named utility leading to
a Denial of Service condition.
Impact
A remote attacker may be able to cause Denial of Service condition via
specially constructed zone data.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/bind-9.10.2_p4"
|
References
CVE-2015-1349
CVE-2015-4620
CVE-2015-5477
CVE-2015-5722
CVE-2015-5986 |
|