Opened 5 years ago

Closed 5 years ago

#8861 closed enhancement (fixed)

bind9 bind-9.11.0-P3 bind-utils-9.11.0-P3 (CVE-2017-3135)

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: normal Milestone: 8.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New patch version

http://seclists.org/oss-sec/2017/q1/344

Today ISC announced CVE-2017-3135, a denial-of-service vulnerability
that can affect resolvers using both DNS64 and RPZ to rewrite responses
for the same view.

This affects all BIND 9.9 releases since 9.9.3, all BIND 9.10 releases,
and all BIND 9.11 releases, including the 9.9.10b1, 9.10.5b1, and
9.11.1b1 releases.

https://kb.isc.org/article/AA-01453

CVSS Score:  7.5

CVSS Vector:  CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

ftp://ftp.isc.org/isc/bind9/9.11.0-P3/RELEASE-NOTES-bind-9.11.0-P3.html

Change History (2)

comment:1 by Douglas R. Reno, 5 years ago

Owner: changed from blfs-book@… to Douglas R. Reno
Status: newassigned

Fixed at r18277

comment:2 by Douglas R. Reno, 5 years ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.