GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Thu Aug 17, 2017 2:26 am Post subject: [ glsa 201708-01 ] bind |
|
|
Gentoo Linux Security Advisory
Title: BIND: Multiple vulnerabilities (GLSA 201708-01)
Severity: normal
Exploitable: remote
Date: 2017-08-17
Bug(s): #605454, #608740, #615420, #621730
ID: 201708-01
Synopsis
Multiple vulnerabilities have been found in BIND, the worst of
which allows remote attackers to cause a Denial of Service condition.
Background
BIND (Berkeley Internet Name Domain) is a Name Server.
Affected Packages
Package: net-dns/bind
Vulnerable: < 9.11.1_p1
Unaffected: >= 9.11.1_p1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in BIND. Please review the
CVE identifiers referenced below for details.
Impact
A remote attacker could send a specially crafted DNS request to the BIND
resolver resulting in a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All BIND users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-dns/bind-9.11.1_p1"
|
References
CVE-2016-9131
CVE-2016-9147
CVE-2016-9444
CVE-2016-9778
CVE-2017-3135
CVE-2017-3136
CVE-2017-3137
CVE-2017-3138
CVE-2017-3140
CVE-2017-3141
Last edited by GLSA on Fri Sep 29, 2017 4:16 am; edited 1 time in total |
|