https://bugzilla.novell.com/show_bug.cgi?id=785121 https://bugzilla.novell.com/show_bug.cgi?id=785121#c0 Summary: network/bind: VUL-0: CVE-2012-5166: bind: Specially crafted RDATA causes bind to stop working Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012 -5166 OS/Version: Other Status: NEW Keywords: security_vulnerability Severity: Critical Priority: P5 - None Component: 3rd party software AssignedTo: ug@suse.com ReportedBy: bernhard.schmidt@lrz-muenchen.de QAContact: opensuse-communityscreening@forge.provo.novell.com Found By: --- Blocker: --- A nameserver can be locked up if it can be induced to load a specially crafted combination of resource records. CVE: CVE-2012-5166 Document Version: 2.0 Posting date: 9 October 2012 Program Impacted: BIND Versions affected: 9.2.x -> 9.6.x, 9.4-ESV->9.4-ESV-R5-P1, 9.6-ESV->9.6-ESV-R7-P3, 9.7.0->9.7.6-P3, 9.8.0->9.8.3-P3, 9.9.0->9.9.1-P3 Severity: Critical Exploitable: Remotely Please update to 9.9.1-P4 There is already #784602 for SuSE shipped packages (also not yet fixed) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.