[SECURITY] [DLA 696-1] bind9 security update

2016-11-0222:01:34

lists.debian.org

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.951 High

EPSS

Percentile

99.3%

JSON

Package : bind9
Version : 1:9.8.4.dfsg.P1-6+nmu2+deb7u13
CVE ID : CVE-2016-8864

Tony Finch and Marco Davids reported an assertion failure in BIND, a
DNS server implementation, which causes the server process to
terminate. This denial-of-service vulnerability is related to a
defect in the processing of responses with DNAME records from
authoritative servers and primarily affects recursive resolvers.

For Debian 7 "Wheezy", these problems have been fixed in version
1:9.8.4.dfsg.P1-6+nmu2+deb7u13.

We recommend that you upgrade your bind9 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian8ppc64elbind9< 1:9.9.5.dfsg-9+deb8u8bind9_1:9.9.5.dfsg-9+deb8u8_ppc64el.deb
Debian7amd64liblwres80< 1:9.8.4.dfsg.P1-6+nmu2+deb7u13liblwres80_1:9.8.4.dfsg.P1-6+nmu2+deb7u13_amd64.deb
Debian8s390xbind9< 1:9.9.5.dfsg-9+deb8u8bind9_1:9.9.5.dfsg-9+deb8u8_s390x.deb
Debian8amd64dnsutils< 1:9.9.5.dfsg-9+deb8u8dnsutils_1:9.9.5.dfsg-9+deb8u8_amd64.deb
Debian8mipsellibbind9-90< 1:9.9.5.dfsg-9+deb8u8libbind9-90_1:9.9.5.dfsg-9+deb8u8_mipsel.deb
Debian8mipslibisccfg-export90-udeb< 1:9.9.5.dfsg-9+deb8u8libisccfg-export90-udeb_1:9.9.5.dfsg-9+deb8u8_mips.deb
Debian8kfreebsd-amd64liblwres90< 1:9.9.5.dfsg-9+deb8u8liblwres90_1:9.9.5.dfsg-9+deb8u8_kfreebsd-amd64.deb
Debian8kfreebsd-amd64bind9utils< 1:9.9.5.dfsg-9+deb8u8bind9utils_1:9.9.5.dfsg-9+deb8u8_kfreebsd-amd64.deb
Debian8mipsellibdns-export100-udeb< 1:9.9.5.dfsg-9+deb8u8libdns-export100-udeb_1:9.9.5.dfsg-9+deb8u8_mipsel.deb
Debian8armellibisccfg-export90-udeb< 1:9.9.5.dfsg-9+deb8u8libisccfg-export90-udeb_1:9.9.5.dfsg-9+deb8u8_armel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	8	ppc64el	bind9	< 1:9.9.5.dfsg-9+deb8u8	bind9_1:9.9.5.dfsg-9+deb8u8_ppc64el.deb
Debian	7	amd64	liblwres80	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u13	liblwres80_1:9.8.4.dfsg.P1-6+nmu2+deb7u13_amd64.deb
Debian	8	s390x	bind9	< 1:9.9.5.dfsg-9+deb8u8	bind9_1:9.9.5.dfsg-9+deb8u8_s390x.deb
Debian	8	amd64	dnsutils	< 1:9.9.5.dfsg-9+deb8u8	dnsutils_1:9.9.5.dfsg-9+deb8u8_amd64.deb
Debian	8	mipsel	libbind9-90	< 1:9.9.5.dfsg-9+deb8u8	libbind9-90_1:9.9.5.dfsg-9+deb8u8_mipsel.deb
Debian	8	mips	libisccfg-export90-udeb	< 1:9.9.5.dfsg-9+deb8u8	libisccfg-export90-udeb_1:9.9.5.dfsg-9+deb8u8_mips.deb
Debian	8	kfreebsd-amd64	liblwres90	< 1:9.9.5.dfsg-9+deb8u8	liblwres90_1:9.9.5.dfsg-9+deb8u8_kfreebsd-amd64.deb
Debian	8	kfreebsd-amd64	bind9utils	< 1:9.9.5.dfsg-9+deb8u8	bind9utils_1:9.9.5.dfsg-9+deb8u8_kfreebsd-amd64.deb
Debian	8	mipsel	libdns-export100-udeb	< 1:9.9.5.dfsg-9+deb8u8	libdns-export100-udeb_1:9.9.5.dfsg-9+deb8u8_mipsel.deb
Debian	8	armel	libisccfg-export90-udeb	< 1:9.9.5.dfsg-9+deb8u8	libisccfg-export90-udeb_1:9.9.5.dfsg-9+deb8u8_armel.deb