SUSE Security Update: Security update for bind ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:0227-1 Rating: important References: #939567 #944066 #958861 #962189 Cross-References: CVE-2015-5477 CVE-2015-5722 CVE-2015-8000 CVE-2015-8704 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. It includes one version update. Description: This update for bind fixes the following issues: * CVE-2015-8000: Remote denial of service by mis-parsing incoming responses. (bsc#958861) * CVE-2015-5722: DoS against servers performing validation on DNSSEC-signed records. (bsc#944066) * CVE-2015-5477: DoS against authoritative and recursive servers. * CVE-2015-8704: Specific APL data could trigger a crash. (bsc#962189) Security Issues: * CVE-2015-8000 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000> * CVE-2015-5722 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722> * CVE-2015-5477 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477> * CVE-2015-8704 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704> Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64) [New Version: 9.6ESVR11P1]: bind-9.6ESVR11P1-0.18.1 bind-chrootenv-9.6ESVR11P1-0.18.1 bind-devel-9.6ESVR11P1-0.18.1 bind-doc-9.6ESVR11P1-0.18.1 bind-libs-9.6ESVR11P1-0.18.1 bind-utils-9.6ESVR11P1-0.18.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64) [New Version: 9.6ESVR11P1]: bind-libs-32bit-9.6ESVR11P1-0.18.1 References: https://www.suse.com/security/cve/CVE-2015-5477.html https://www.suse.com/security/cve/CVE-2015-5722.html https://www.suse.com/security/cve/CVE-2015-8000.html https://www.suse.com/security/cve/CVE-2015-8704.html https://bugzilla.suse.com/939567 https://bugzilla.suse.com/944066 https://bugzilla.suse.com/958861 https://bugzilla.suse.com/962189 https://download.suse.com/patch/finder/?keywords=6c9cd85bd7aa9140126fe2cf192... -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org