- Security update 9.10.3-P3:

* Specific APL data could trigger an INSIST (CVE-2015-8704,
    bsc#962189).
  * Certain errors that could be encountered when printing out or
    logging an OPT record containing a CLIENT-SUBNET option could
    be mishandled, resulting in an assertion failure
    (CVE-2015-8705, bsc#962190).
  * Authoritative servers that were marked as bogus (e.g.
    blackholed in configuration or with invalid addresses) were
    being queried anyway.

OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=183
This commit is contained in:
Reinhard Max 2016-01-20 11:04:34 +00:00 committed by Git OBS Bridge
parent 7c65773c2b
commit c7dc2ebf4f
6 changed files with 31 additions and 17 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4a6c1911ac0d4b6be635b63de3429b6c168ea244043f12bbc8a4eb3368fd6ecd
size 8523719

View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQEcBAABAgAGBQJWZiOeAAoJEG+m68mRGkwCbw4H/2qwR/u6eg6yODs57kikyjRr
/3Cut1C2eaRS0nxk6kesw++VOqKTzDzeoQSsu+DEHfYq6fB/C8h4hA8mGZfRZ4P2
hUQ+wsSBnyN+VYbv4yVKVjae/6T4Pr2NgepfbKnBN037/eNHykO6a41aB1Gi3sUa
g4UTU2ZO2JXGo5JusWUGeV85xUC8zQXo8ZDTUIyaZELk/7Hp317gCMC+SJPNRLvM
+Ex9PYfArj8ovQ0y1XRoj1VGglZwBz9zN99nxPD320l8LApYsCROGqCIXJYWKfRw
EtKLO0/weIdCgGZp/7GilnEJKPICXyuDemoRIiParqwCHQMmPunwQa6eHXZ/Kjk=
=EpUm
-----END PGP SIGNATURE-----

3
bind-9.10.3-P3.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83
size 8527540

11
bind-9.10.3-P3.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJWlvHcAAoJEG+m68mRGkwCz8kIALzyviUld+Gtp9jmTtvEhDEx
W7Cw9Pg7t+hsZucE7lTQ76PA9/znljXgziMH51fBO0SWmrHJvyrBzY7cu92ILWAo
S7G+JFElMcZ05hJ5u/oijZLznBW31AA1C7wkAyZirFGxrahpkHYIYNfUNCKH6YqZ
xRARY7/Fk3dwg+/LRi0x4eCXNGWUdHUQwpOaswlE0xtk2H5q76RuZC6w53HNngaq
lbmVcEqxQ6m0PMqWNgO/4pvyW1+n0CheJ/11sz8SbUmhMH08kYRRGHsFhcsAfUL4
X6aDPl3mQZrOTmdPc5c+BPWbB2N3xDcbFOqKmzAAEZIIraINs2aNYicbk0yC9OI=
=BszB
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,17 @@
-------------------------------------------------------------------
Wed Jan 20 10:58:15 UTC 2016 - max@suse.com
- Security update 9.10.3-P3:
* Specific APL data could trigger an INSIST (CVE-2015-8704,
bsc#962189).
* Certain errors that could be encountered when printing out or
logging an OPT record containing a CLIENT-SUBNET option could
be mishandled, resulting in an assertion failure
(CVE-2015-8705, bsc#962190).
* Authoritative servers that were marked as bogus (e.g.
blackholed in configuration or with invalid addresses) were
being queried anyway.
-------------------------------------------------------------------
Mon Dec 21 16:55:36 UTC 2015 - max@suse.com

View File

@ -1,7 +1,7 @@
#
# spec file for package bind
#
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -18,8 +18,8 @@
Name: bind
%define pkg_name bind
%define pkg_vers 9.10.3-P2
%define rpm_vers 9.10.3P2
%define pkg_vers 9.10.3-P3
%define rpm_vers 9.10.3P3
%define idn_vers 1.0
Summary: Domain Name System (DNS) Server (named)
License: ISC