Mailinglist Archive: opensuse-updates (54 mails)

< Previous Next >
openSUSE-SU-2010:1031-1 (important): bind security update
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Wed, 8 Dec 2010 18:08:16 +0100 (CET)
  • Message-id: <20101208170816.534A3BE65@xxxxxxxxxxxxxx>
openSUSE Security Update: bind security update
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:1031-1
Rating: important
References: #657102 #657129
Cross-References: CVE-2010-3613 CVE-2010-3614
Affected Products:
openSUSE 11.3
openSUSE 11.2
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.
It includes two new package versions.

Description:

Adding certain types of signed negative responses to cache
doesn't clear any matching RRSIG records already in cache.
A subsequent lookup of the cached data can cause named to
crash (CVE-2010-3613).

bind did not properly determine the security status of an
NS RRset during a DNSKEY algorithm rollover, which might
allow remote attackers to cause a denial of service (DNSSEC
validation error) by triggering a rollover (CVE-2010-3614).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.3:

zypper in -t patch bind-3662

- openSUSE 11.2:

zypper in -t patch bind-3662

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.3 (i586 x86_64) [New Version: 9.7.1P2]:

bind-9.7.1P2-0.4.1
bind-chrootenv-9.7.1P2-0.4.1
bind-devel-9.7.1P2-0.4.1
bind-libs-9.7.1P2-0.4.1
bind-utils-9.7.1P2-0.4.1

- openSUSE 11.3 (x86_64) [New Version: 9.7.1P2]:

bind-libs-32bit-9.7.1P2-0.4.1

- openSUSE 11.3 (noarch) [New Version: 9.7.1P2]:

bind-doc-9.7.1P2-0.4.1

- openSUSE 11.2 (i586 x86_64) [New Version: 9.6.1P3]:

bind-9.6.1P3-1.3.1
bind-chrootenv-9.6.1P3-1.3.1
bind-devel-9.6.1P3-1.3.1
bind-doc-9.6.1P3-1.3.1
bind-libs-9.6.1P3-1.3.1
bind-utils-9.6.1P3-1.3.1

- openSUSE 11.2 (x86_64) [New Version: 9.6.1P3]:

bind-libs-32bit-9.6.1P3-1.3.1


References:

http://support.novell.com/security/cve/CVE-2010-3613.html
http://support.novell.com/security/cve/CVE-2010-3614.html
https://bugzilla.novell.com/657102
https://bugzilla.novell.com/657129


< Previous Next >
This Thread
  • No further messages