Accepting request 264596 from home:lmuelle:bind
- Update to version 9.10.1-P1 - A flaw in delegation handling could be exploited to put named into an infinite loop. This has been addressed by placing limits on the number of levels of recursion named will allow (default 7), and the number of iterative queries that it will send (default 50) before terminating a recursive query (CVE-2014-8500); (bnc#908994). The recursion depth limit is configured via the "max-recursion-depth" option, and the query limit via the "max-recursion-queries" option. [RT #37580] - When geoip-directory was reconfigured during named run-time, the previously loaded GeoIP data could remain, potentially causing wrong ACLs to be used or wrong results to be served based on geolocation (CVE-2014-8680). [RT #37720]; (bnc#908995). - Lookups in GeoIP databases that were not loaded could cause an assertion failure (CVE-2014-8680). [RT #37679]; (bnc#908995). - The caching of GeoIP lookups did not always handle address families correctly, potentially resulting in an assertion failure (CVE-2014-8680). [RT #37672]; (bnc#908995). OBS-URL: https://build.opensuse.org/request/show/264596 OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=156
This commit is contained in:
parent
c38019450e
commit
24da4f54fa
3
bind-9.10.1-P1.tar.gz
Normal file
3
bind-9.10.1-P1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:974343108d32f253a130383d0ba51290fb7bf372092f1451f264a9e3ac09898d
|
||||
size 8356463
|
12
bind-9.10.1-P1.tar.gz.asc
Normal file
12
bind-9.10.1-P1.tar.gz.asc
Normal file
@ -0,0 +1,12 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
|
||||
Comment: GPGTools - http://gpgtools.org
|
||||
|
||||
iQEcBAABAgAGBQJUbrEDAAoJEEWseFcYnNvFws8H/2I6YJNbUxY4rS6/alBUwIWy
|
||||
N3oUSb290Szatl1sAUjlZ6SQbIgvKKxPRcp6HwKvhpecc+/Y0EAN43IWrGrndnoX
|
||||
Fvfutn68I9cWCSFROnlOOlrmSFCs6Xg7OHZJy5mkf5cm9DflXYo3Xp6b1VCk7Z6j
|
||||
jxuXGn7Uj4a/Ylk1ERV9ELl4qXugPj8J9bN+cjtr6iBl8yxXKwuZiiSDaZZf36w0
|
||||
SziClj2G8CA0UOGDu7XxPENJdJZPmS+sopxXWBpU7pL0EojcrFPbGENU9FtzHrjq
|
||||
oVte/sQlrXfZXjo4op7tTeQH7d7PE6i01p+VJwG9YDtAQ3HA5jovSTBiiEtICfU=
|
||||
=LVgj
|
||||
-----END PGP SIGNATURE-----
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:5361eca2b8b6bc0b13904b0f964336a478dfbc165711547f6cc3f8752ac60181
|
||||
size 8353313
|
@ -1,11 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.4.11 (GNU/Linux)
|
||||
|
||||
iQEcBAABAgAGBQJUIAfBAAoJEEWseFcYnNvFmosIAMQn2vFb2j6iIqop7Fg4cJs5
|
||||
0hR1gFdcwkBZELKbLXkpL8qGOYrF9A8Wdjraf8i2iLUwZ1qsWLSL1wMokgamacRT
|
||||
8VsQnfS6o1CO/uVrB7QysWmcovuAuHNj1d4v2M6CIGnbuUneQ6sQf28u6TWG6ENW
|
||||
RtKUcz418WwghvQlBmoi2BVxluR+/15im87eUMsNajWRtNPLZJc2KvFnKHiZFvTU
|
||||
36ffiAUC3nL/+61pHz7JvxzpJtgjyGtgSF16unPXAI1Oyg7lZOw0+cNUOnzclYy/
|
||||
UGw83PwxxtBjm9WmLPfnUqXPWKNzjCRPAiEDOvyCjEKD+HamDA7YxvV9D82aQW4=
|
||||
=klq+
|
||||
-----END PGP SIGNATURE-----
|
22
bind.changes
22
bind.changes
@ -1,3 +1,25 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 9 21:45:10 UTC 2014 - lmuelle@suse.com
|
||||
|
||||
- Update to version 9.10.1-P1
|
||||
- A flaw in delegation handling could be exploited to put named into an
|
||||
infinite loop. This has been addressed by placing limits on the number of
|
||||
levels of recursion named will allow (default 7), and the number of
|
||||
iterative queries that it will send (default 50) before terminating a
|
||||
recursive query (CVE-2014-8500); (bnc#908994).
|
||||
The recursion depth limit is configured via the "max-recursion-depth"
|
||||
option, and the query limit via the "max-recursion-queries" option.
|
||||
[RT #37580]
|
||||
- When geoip-directory was reconfigured during named run-time, the
|
||||
previously loaded GeoIP data could remain, potentially causing wrong ACLs
|
||||
to be used or wrong results to be served based on geolocation
|
||||
(CVE-2014-8680). [RT #37720]; (bnc#908995).
|
||||
- Lookups in GeoIP databases that were not loaded could cause an assertion
|
||||
failure (CVE-2014-8680). [RT #37679]; (bnc#908995).
|
||||
- The caching of GeoIP lookups did not always handle address families
|
||||
correctly, potentially resulting in an assertion failure (CVE-2014-8680).
|
||||
[RT #37672]; (bnc#908995).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Dec 7 16:54:03 UTC 2014 - jengelh@inai.de
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user