#8362: bind-9.10.4-P3 bind-utils-9.10.4-P3 bind9
-------------------------+-------------------------
Reporter: renodr | Owner: blfs-book@…
Type: enhancement | Status: new
Priority: high | Milestone: 7.11
Component: BOOK | Version: SVN
Severity: normal | Keywords:
-------------------------+-------------------------
New minor version
*** SECURITY RELEASE ***
(Link to oss-security mailing list will be posted in a little bit)
[ftp://ftp.isc.org/isc/bind9/9.10.4-P3/RELEASE-NOTES-bind-9.10.4-P3.html]
{{{
BIND 9.10.4-P3 addresses the security issue described in CVE-2016-2776 and
addresses an interoperability issue with ECS clients.
}}}
{{{
Security Fixes
It was possible to trigger a assertion when rendering a message using
a specially crafted request. This flaw is disclosed in CVE-2016-2776. [RT
#43139]
getrrsetbyname with a non absolute name could trigger an infinite
recursion bug in lwresd and named with lwres configured if when combined
with a search list entry the resulting name is too long. This flaw is
disclosed in CVE-2016-2775. [RT #42694]
New Features
None.
Feature Changes
None.
Porting Changes
None.
Bug Fixes
ECS clients with the option set to 0.0.0.0/0/0 or ::/0/0 where
incorrectly getting a FORMERR response.
Windows installs were failing due to triggering UAC without the
installation binary being signed.
A race condition in rbt/rbtdb was leading to INSISTs being triggered.
}}}
[https://kb.isc.org/article/AA-01419]
{{{
CVE:
CVE-2016-2776
Document Version:
2.0
Posting date:
2016-09-27
Program Impacted:
BIND
Versions affected:
9.0.x -> 9.8.x, 9.9.0->9.9.9-P2, 9.9.3-S1->9.9.9-S3, 9.10.0->9.10.4-P2,
9.11.0a1->9.11.0rc1
Severity:
High
Exploitable:
Remotely
Description:
Testing by ISC has uncovered a critical error condition which can occur
when a nameserver is constructing a response. A defect in the rendering
of messages into packets can cause named to exit with an assertion failure
in buffer.c while constructing a response to a query that meets certain
criteria.
This assertion can be triggered even if the apparent source address isn't
allowed to make queries (i.e. doesn't match 'allow-query').
Impact:
All servers are vulnerable if they can receive request packets from any
source.
CVSS Score: 7.8
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
For more information on the Common Vulnerability Scoring System and to
obtain your specific environmental score please visit:
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Workarounds:
No practical workarounds exist.
Active exploits:
No known active exploits.
Solution: Upgrade to the patched release most closely related to your
current version of BIND. These can all be downloaded from
http://www.isc.org/downloads.
BIND 9 version 9.9.9-P3
BIND 9 version 9.10.4-P3
BIND 9 version 9.11.0rc3
BIND 9 Supported Preview edition is a feature preview version of BIND
provided exclusively to eligible ISC Support customers.
BIND 9 version 9.9.9-S5
Document Revision History:
1.0 Advance Notification 2016-09-14
1.1 Added information about the Stable Preview release to versions
affected. Updated solution section to reflect replacing 9.11.0rc2 with
9.11.0rc3 and 9.9.9-S4 with 9.9.9-S5.
2.0 Posting date changed and public disclosure.
}}}
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/8362>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
