From abbe73be651e3d1c0a85fb33e9225c199f0ccc0d6fd8dd7545662f4e9d4b7bfa Mon Sep 17 00:00:00 2001
From: Reinhard Max
Date: Fri, 11 Mar 2016 13:55:29 +0000
Subject: [PATCH 1/2] - Security update 9.10.3-P3 fixes two assertion failures that can lead to remote DoS: * CVE-2016-1285, bsc#970072 * CVE-2016-1286, bsc#970073
OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=189
---
 bind-9.10.3-P3.tar.gz | 3 ---
 bind-9.10.3-P3.tar.gz.asc | 11 -----------
 bind-9.10.3-P4.tar.gz | 3 +++
 bind-9.10.3-P4.tar.gz.asc | 11 +++++++++++
 bind.changes | 8 ++++++++
 bind.spec | 4 ++--
 6 files changed, 24 insertions(+), 16 deletions(-)
 delete mode 100644 bind-9.10.3-P3.tar.gz
 delete mode 100644 bind-9.10.3-P3.tar.gz.asc
 create mode 100644 bind-9.10.3-P4.tar.gz
 create mode 100644 bind-9.10.3-P4.tar.gz.asc
diff --git a/bind-9.10.3-P3.tar.gz b/bind-9.10.3-P3.tar.gz
deleted file mode 100644
index 9a66db8..0000000
--- a/bind-9.10.3-P3.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83
-size 8527540
diff --git a/bind-9.10.3-P3.tar.gz.asc b/bind-9.10.3-P3.tar.gz.asc
deleted file mode 100644
index 3619a05..0000000
--- a/bind-9.10.3-P3.tar.gz.asc
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQEcBAABAgAGBQJWlvHcAAoJEG+m68mRGkwCz8kIALzyviUld+Gtp9jmTtvEhDEx
-W7Cw9Pg7t+hsZucE7lTQ76PA9/znljXgziMH51fBO0SWmrHJvyrBzY7cu92ILWAo
-S7G+JFElMcZ05hJ5u/oijZLznBW31AA1C7wkAyZirFGxrahpkHYIYNfUNCKH6YqZ
-xRARY7/Fk3dwg+/LRi0x4eCXNGWUdHUQwpOaswlE0xtk2H5q76RuZC6w53HNngaq
-lbmVcEqxQ6m0PMqWNgO/4pvyW1+n0CheJ/11sz8SbUmhMH08kYRRGHsFhcsAfUL4
-X6aDPl3mQZrOTmdPc5c+BPWbB2N3xDcbFOqKmzAAEZIIraINs2aNYicbk0yC9OI=
-=BszB
------END PGP SIGNATURE-----
diff --git a/bind-9.10.3-P4.tar.gz b/bind-9.10.3-P4.tar.gz
new file mode 100644
index 0000000..4e517f6
--- /dev/null
+++ b/bind-9.10.3-P4.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2ac044b5fbdf45fb45107af0df961b3b7cb5262a3bf1948ed3fe7a170dd13e3e
+size 8529535
diff --git a/bind-9.10.3-P4.tar.gz.asc b/bind-9.10.3-P4.tar.gz.asc
new file mode 100644
index 0000000..5b4fe54
--- /dev/null
+++ b/bind-9.10.3-P4.tar.gz.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Comment: GPGTools - http://gpgtools.org
+
+iQEcBAABAgAGBQJW1319AAoJEG+m68mRGkwC5S0H/AuD9XbH5GUvp8qedIT1nJX5
+9ifEodnIMsEqVFQVgAmRZHJp7dehq5gGXiWGn/7MD5WQzcxeRi3fIgrxcl6Gm2ig
+IV14kzK3xHQcdY97qJvSzwk72tBIRKG3M/PnvTaVpMb7Q/gWhVR8qXpbRtwEQ8NX
+mhO7Zut+idK45a48COnvqAMMQBNwjrz6WIYBoP1jvTY7jtM0GXJTmvVlEUxUgT71
+DiFthDL6pk90jjg+nbyvXK8tWEusGzGfDLHpfkZNIjYuoNh8vZbxLza3w6EmSoer
+D5/55C18U4bv4araCpbAh3HN3hMKh/OdjOpmJEBc6Lwj1UoiAZqbv28C7kIGklU=
+=2RyL
+-----END PGP SIGNATURE-----
diff --git a/bind.changes b/bind.changes
index 304db61..0637fb1 100644
--- a/bind.changes
+++ b/bind.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Fri Mar 11 13:53:26 UTC 2016 - max@suse.com
+
+- Security update 9.10.3-P3 fixes two assertion failures that can
+ lead to remote DoS:
+ * CVE-2016-1285, bsc#970072
+ * CVE-2016-1286, bsc#970073
+
 -------------------------------------------------------------------
 Thu Feb 25 16:10:45 UTC 2016 - bwiedemann@suse.com
diff --git a/bind.spec b/bind.spec
index 1241293..8919895 100644
--- a/bind.spec
+++ b/bind.spec
@@ -18,8 +18,8 @@
 Name: bind
 %define pkg_name bind
-%define pkg_vers 9.10.3-P3
-%define rpm_vers 9.10.3P3
+%define pkg_vers 9.10.3-P4
+%define rpm_vers 9.10.3P4
 %define idn_vers 1.0
 Summary: Domain Name System (DNS) Server (named)
 License: ISC
From 2d8afe69b85bdc431142ed5d07602f99d9ea9989e7f18f191efb9c01966ca1a8 Mon Sep 17 00:00:00 2001
From: Reinhard Max
Date: Fri, 11 Mar 2016 13:59:03 +0000
Subject: [PATCH 2/2] - Security update 9.10.3-P3: * CVE-2016-1285, bsc#970072: assert failure on input parsing can cause premature exit. * CVE-2016-1286, bsc#970073: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. * CVE-2016-2088, bsc#970074: a deliberately misconstructed packet containing multiple cookie options to cause named to terminate with an assertion failure.
OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=190
---
 bind.changes | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/bind.changes b/bind.changes
index 0637fb1..27fd115 100644
--- a/bind.changes
+++ b/bind.changes
@@ -1,10 +1,15 @@
 -------------------------------------------------------------------
-Fri Mar 11 13:53:26 UTC 2016 - max@suse.com
+Fri Mar 11 13:56:10 UTC 2016 - max@suse.com
-- Security update 9.10.3-P3 fixes two assertion failures that can
- lead to remote DoS:
- * CVE-2016-1285, bsc#970072
- * CVE-2016-1286, bsc#970073
+- Security update 9.10.3-P3:
+ * CVE-2016-1285, bsc#970072: assert failure on input parsing can
+ cause premature exit.
+ * CVE-2016-1286, bsc#970073: An error when parsing signature
+ records for DNAME can lead to named exiting due to an assertion
+ failure.
+ * CVE-2016-2088, bsc#970074: a deliberately misconstructed packet
+ containing multiple cookie options to cause named to terminate
+ with an assertion failure.
 -------------------------------------------------------------------
 Thu Feb 25 16:10:45 UTC 2016 - bwiedemann@suse.com