LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Mageia alert MGASA-2012-0257 (bind)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2012-0257: bind-9.8.3P2-1.mga1 (1/core) 


Date:
    	      Fri, 7 Sep 2012 20:19:56 +0200


Message-ID:
    	      <20120907181956.GA20347@valstar.mageia.org>


Archive-link:
    	      Article, Thread
              


MGASA-2012-0257
Date: 	September 7th, 2012
Affected releases: 	1


Description:
Updated bind packages fix security vulnerability:

High numbers of queries with DNSSEC validation enabled can cause an
assertion failure in named, caused by using a bad cache data structure
before it has been initialized (CVE-2012-3817).


Updated Packages:
bind-9.8.3P2-1.mga1
bind-utils-9.8.3P2-1.mga1
bind-devel-9.8.3P2-1.mga1
bind-doc-9.8.3P2-1.mga1


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817
ftp://ftp.isc.org/isc/bind9/9.8.3-P2/RELEASE-NOTES-BIND-9...
https://kb.isc.org/article/AA-00729
http://www.mandriva.com/en/support/security/advisories/?d...
https://bugs.mageia.org/show_bug.cgi?id=6873
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds