- Security update 9.10.3-P3:

* CVE-2016-1285, bsc#970072: assert failure on input parsing can
    cause premature exit.
  * CVE-2016-1286, bsc#970073: An error when parsing signature
    records for DNAME can lead to named exiting due to an assertion
    failure.
  * CVE-2016-2088, bsc#970074: a deliberately misconstructed packet
    containing multiple cookie options to cause named to terminate
    with an assertion failure.

OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=190
This commit is contained in:
Reinhard Max 2016-03-11 13:59:03 +00:00 committed by Git OBS Bridge
parent abbe73be65
commit 2d8afe69b8

View File

@ -1,10 +1,15 @@
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Mar 11 13:53:26 UTC 2016 - max@suse.com Fri Mar 11 13:56:10 UTC 2016 - max@suse.com
- Security update 9.10.3-P3 fixes two assertion failures that can - Security update 9.10.3-P3:
lead to remote DoS: * CVE-2016-1285, bsc#970072: assert failure on input parsing can
* CVE-2016-1285, bsc#970072 cause premature exit.
* CVE-2016-1286, bsc#970073 * CVE-2016-1286, bsc#970073: An error when parsing signature
records for DNAME can lead to named exiting due to an assertion
failure.
* CVE-2016-2088, bsc#970074: a deliberately misconstructed packet
containing multiple cookie options to cause named to terminate
with an assertion failure.
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Feb 25 16:10:45 UTC 2016 - bwiedemann@suse.com Thu Feb 25 16:10:45 UTC 2016 - bwiedemann@suse.com