rpm/bind - bind - openSUSE Gitea

rpm/bind

SHA256

Fork 0

forked from pool/bind

Commit Graph

Author	SHA256	Message	Date
Dirk Mueller	43448a770a	Accepting request 507232 from home:simotek:branches:network - Added bind-CVE-2017-3142-and-3143.patch to fix a security issue where an attacker with the ability to send and receive messages to an authoritative DNS server was able to circumvent TSIG authentication of AXFR requests. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into (1) providing an AXFR of a zone to an unauthorized recipient and (2) accepting bogus Notify packets. [bsc#1046554, CVE-2017-3142, bsc#1046555, CVE-2017-3143] OBS-URL: https://build.opensuse.org/request/show/507232 OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=211	2017-06-30 10:58:48 +00:00

Author

SHA256

Message

Date

Dirk Mueller

43448a770a

Accepting request 507232 from home:simotek:branches:network

- Added bind-CVE-2017-3142-and-3143.patch to fix a security issue
  where an attacker with the ability to send and receive messages
  to an authoritative DNS server was able to circumvent TSIG
  authentication of AXFR requests. A server that relies solely on
  TSIG keys for protection with no other ACL protection could be
  manipulated into (1) providing an AXFR of a zone to an
  unauthorized recipient and (2) accepting bogus Notify packets.
  [bsc#1046554, CVE-2017-3142, bsc#1046555, CVE-2017-3143]

OBS-URL: https://build.opensuse.org/request/show/507232
OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=211

2017-06-30 10:58:48 +00:00

1 Commits