Opened 8 years ago

Closed 8 years ago

#8747 closed enhancement (fixed)

BIND-9.11.0-P2 (CVE-2016-9131 CVE-2016-9147 CVE-2016-9444 CVE-2016-9778)

Reported by: Douglas R. Reno Owned by: bdubbs@…
Priority: highest Milestone: 8.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New maintenance release

https://kb.isc.org/article/AA-01442/74/CVE-2016-9778%3A-An-error-handling-certain-queries-using-the-nxdomain-redirect-feature-could-cause-a-REQUIRE-assertion-failure-in-db.c.html

https://kb.isc.org/article/AA-01441/74/CVE-2016-9444%3A-An-unusually-formed-DS-record-response-could-cause-an-assertion-failure.html

https://kb.isc.org/article/AA-01440/74/CVE-2016-9147%3A-An-error-handling-a-query-response-containing-inconsistent-DNSSEC-information-could-cause-an-assertion-failure-.html

https://kb.isc.org/article/AA-01439/74/CVE-2016-9131%3A-A-malformed-response-to-an-ANY-query-can-cause-an-assertion-failure-during-recursion.html

All of the above are given CVSSv3 Ratings of 7.5 HIGH (or above) and are trivially exploited remotely.

Change History (2)

comment:1 by bdubbs@…, 8 years ago

Owner: changed from blfs-book@… to bdubbs@…
Status: newassigned

comment:2 by bdubbs@…, 8 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 18178.

Note: See TracTickets for help on using tickets.