diff options
| author | Adrien Nader <adrien@notk.org> | 2015-07-28 22:41:12 +0200 |
|---|---|---|
| committer | Adrien Nader <adrien@notk.org> | 2015-07-28 22:41:12 +0200 |
| commit | 1b8549b9424735ce1582e2918d560e2062a152bc (patch) | |
| tree | efec31bd3fa155f1e84685368db07de4bcde56f3 /slackware64-current/slackware64/l/gnome-keyring-3.14.0-x86_64-1.txz.asc | |
| parent | 5c88ea0a2fcfef6da89b5f03ee38589f2e162d81 (diff) | |
Tue Jul 28 19:36:39 UTC 2015
n/bind-9.10.2_P3-x86_64-1.txz: Upgraded.
This update fixes a security issue where an error in the handling of TKEY
queries can be exploited by an attacker for use as a denial-of-service
vector, as a constructed packet can use the defect to trigger a REQUIRE
assertion failure, causing BIND to exit.
Impact:
Both recursive and authoritative servers are vulnerable to this defect.
Additionally, exposure is not prevented by either ACLs or configuration
options limiting or denying service because the exploitable code occurs
early in the packet handling, before checks enforcing those boundaries.
Operators should take steps to upgrade to a patched version as soon as
possible.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477
https://kb.isc.org/article/AA-01272
(* Security fix *)
Diffstat (limited to 'slackware64-current/slackware64/l/gnome-keyring-3.14.0-x86_64-1.txz.asc')
0 files changed, 0 insertions, 0 deletions