bind security update

2014-01-2017:58:43

CentOS Project

lists.centos.org

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.637 Medium

EPSS

Percentile

97.8%

JSON

CentOS Errata and Security Advisory CESA-2014:0043

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

A denial of service flaw was found in the way BIND handled queries for
NSEC3-signed zones. A remote attacker could use this flaw against an
authoritative name server that served NCES3-signed zones by sending a
specially crafted query, which, when processed, would cause named to crash.
(CVE-2014-0591)

All bind users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, the BIND daemon (named) will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-January/082273.html

Affected packages:
bind
bind-chroot
bind-devel
bind-libs
bind-sdb
bind-utils

Upstream details at:
https://access.redhat.com/errata/RHSA-2014:0043

OSVersionArchitecturePackageVersionFilename
CentOS6i686bind< 9.8.2-0.23.rc1.el6_5.1bind-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS6i686bind-chroot< 9.8.2-0.23.rc1.el6_5.1bind-chroot-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS6i686bind-devel< 9.8.2-0.23.rc1.el6_5.1bind-devel-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS6i686bind-libs< 9.8.2-0.23.rc1.el6_5.1bind-libs-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS6i686bind-sdb< 9.8.2-0.23.rc1.el6_5.1bind-sdb-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS6i686bind-utils< 9.8.2-0.23.rc1.el6_5.1bind-utils-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS6x86_64bind< 9.8.2-0.23.rc1.el6_5.1bind-9.8.2-0.23.rc1.el6_5.1.x86_64.rpm
CentOS6x86_64bind-chroot< 9.8.2-0.23.rc1.el6_5.1bind-chroot-9.8.2-0.23.rc1.el6_5.1.x86_64.rpm
CentOS6i686bind-devel< 9.8.2-0.23.rc1.el6_5.1bind-devel-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS6x86_64bind-devel< 9.8.2-0.23.rc1.el6_5.1bind-devel-9.8.2-0.23.rc1.el6_5.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	6	i686	bind	< 9.8.2-0.23.rc1.el6_5.1	bind-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS	6	i686	bind-chroot	< 9.8.2-0.23.rc1.el6_5.1	bind-chroot-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS	6	i686	bind-devel	< 9.8.2-0.23.rc1.el6_5.1	bind-devel-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS	6	i686	bind-libs	< 9.8.2-0.23.rc1.el6_5.1	bind-libs-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS	6	i686	bind-sdb	< 9.8.2-0.23.rc1.el6_5.1	bind-sdb-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS	6	i686	bind-utils	< 9.8.2-0.23.rc1.el6_5.1	bind-utils-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS	6	x86_64	bind	< 9.8.2-0.23.rc1.el6_5.1	bind-9.8.2-0.23.rc1.el6_5.1.x86_64.rpm
CentOS	6	x86_64	bind-chroot	< 9.8.2-0.23.rc1.el6_5.1	bind-chroot-9.8.2-0.23.rc1.el6_5.1.x86_64.rpm
CentOS	6	i686	bind-devel	< 9.8.2-0.23.rc1.el6_5.1	bind-devel-9.8.2-0.23.rc1.el6_5.1.i686.rpm
CentOS	6	x86_64	bind-devel	< 9.8.2-0.23.rc1.el6_5.1	bind-devel-9.8.2-0.23.rc1.el6_5.1.x86_64.rpm