Recent Features
| |||||||||||||||||||
Mageia alert MGASA-2012-0258 (bind)
MGASA-2012-0258 Date: September 7th, 2012 Affected releases: 2 Description: Updated bind packages fix security vulnerabilities: High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a bad cache data structure before it has been initialized (CVE-2012-3817). Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries (CVE-2012-3868). Updated Packages: bind-9.9.1.P2-1.mga2 bind-sdb-9.9.1.P2-1.mga2 bind-utils-9.9.1.P2-1.mga2 bind-devel-9.9.1.P2-1.mga2 bind-doc-9.9.1.P2-1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868 ftp://ftp.isc.org/isc/bind9/9.9.1-P2/RELEASE-NOTES-BIND-9... https://kb.isc.org/article/AA-00729 https://kb.isc.org/article/AA-00730 http://lists.fedoraproject.org/pipermail/package-announce... http://www.mandriva.com/en/support/security/advisories/?d... https://bugs.mageia.org/show_bug.cgi?id=6873 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||