[SECURITY] [DLA 1255-1] bind9 security update

2018-01-2121:44:35

lists.debian.org

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.063 Low

EPSS

Percentile

93.5%

JSON

Package : bind9
Version : 1:9.8.4.dfsg.P1-6+nmu2+deb7u19
CVE ID : CVE-2017-3145

Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server
implementation, was improperly sequencing cleanup operations, leading in
some cases to a use-after-free error, triggering an assertion failure
and crash in named.

For Debian 7 "Wheezy", these problems have been fixed in version
1:9.8.4.dfsg.P1-6+nmu2+deb7u19.

We recommend that you upgrade your bind9 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian9amd64libisccfg-export140< 1:9.10.3.dfsg.P4-12.3+deb9u4libisccfg-export140_1:9.10.3.dfsg.P4-12.3+deb9u4_amd64.deb
Debian9amd64libdns162-dbgsym< 1:9.10.3.dfsg.P4-12.3+deb9u4libdns162-dbgsym_1:9.10.3.dfsg.P4-12.3+deb9u4_amd64.deb
Debian8s390xbind9utils< 1:9.9.5.dfsg-9+deb8u15bind9utils_1:9.9.5.dfsg-9+deb8u15_s390x.deb
Debian9i386libisccc140< 1:9.10.3.dfsg.P4-12.3+deb9u4libisccc140_1:9.10.3.dfsg.P4-12.3+deb9u4_i386.deb
Debian9arm64bind9-host< 1:9.10.3.dfsg.P4-12.3+deb9u4bind9-host_1:9.10.3.dfsg.P4-12.3+deb9u4_arm64.deb
Debian9i386libirs141-dbgsym< 1:9.10.3.dfsg.P4-12.3+deb9u4libirs141-dbgsym_1:9.10.3.dfsg.P4-12.3+deb9u4_i386.deb
Debian9i386libirs-export141< 1:9.10.3.dfsg.P4-12.3+deb9u4libirs-export141_1:9.10.3.dfsg.P4-12.3+deb9u4_i386.deb
Debian8powerpcbind9utils< 1:9.9.5.dfsg-9+deb8u15bind9utils_1:9.9.5.dfsg-9+deb8u15_powerpc.deb
Debian9amd64libisc-export160-udeb< 1:9.10.3.dfsg.P4-12.3+deb9u4libisc-export160-udeb_1:9.10.3.dfsg.P4-12.3+deb9u4_amd64.deb
Debian9s390xlibbind-dev< 1:9.10.3.dfsg.P4-12.3+deb9u4libbind-dev_1:9.10.3.dfsg.P4-12.3+deb9u4_s390x.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	amd64	libisccfg-export140	< 1:9.10.3.dfsg.P4-12.3+deb9u4	libisccfg-export140_1:9.10.3.dfsg.P4-12.3+deb9u4_amd64.deb
Debian	9	amd64	libdns162-dbgsym	< 1:9.10.3.dfsg.P4-12.3+deb9u4	libdns162-dbgsym_1:9.10.3.dfsg.P4-12.3+deb9u4_amd64.deb
Debian	8	s390x	bind9utils	< 1:9.9.5.dfsg-9+deb8u15	bind9utils_1:9.9.5.dfsg-9+deb8u15_s390x.deb
Debian	9	i386	libisccc140	< 1:9.10.3.dfsg.P4-12.3+deb9u4	libisccc140_1:9.10.3.dfsg.P4-12.3+deb9u4_i386.deb
Debian	9	arm64	bind9-host	< 1:9.10.3.dfsg.P4-12.3+deb9u4	bind9-host_1:9.10.3.dfsg.P4-12.3+deb9u4_arm64.deb
Debian	9	i386	libirs141-dbgsym	< 1:9.10.3.dfsg.P4-12.3+deb9u4	libirs141-dbgsym_1:9.10.3.dfsg.P4-12.3+deb9u4_i386.deb
Debian	9	i386	libirs-export141	< 1:9.10.3.dfsg.P4-12.3+deb9u4	libirs-export141_1:9.10.3.dfsg.P4-12.3+deb9u4_i386.deb
Debian	8	powerpc	bind9utils	< 1:9.9.5.dfsg-9+deb8u15	bind9utils_1:9.9.5.dfsg-9+deb8u15_powerpc.deb
Debian	9	amd64	libisc-export160-udeb	< 1:9.10.3.dfsg.P4-12.3+deb9u4	libisc-export160-udeb_1:9.10.3.dfsg.P4-12.3+deb9u4_amd64.deb
Debian	9	s390x	libbind-dev	< 1:9.10.3.dfsg.P4-12.3+deb9u4	libbind-dev_1:9.10.3.dfsg.P4-12.3+deb9u4_s390x.deb