[SECURITY] [DLA 843-1] bind9 security update

2017-02-2821:18:57

lists.debian.org

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.096 Low

EPSS

Percentile

94.7%

JSON

Package : bind9
Version : 1:9.8.4.dfsg.P1-6+nmu2+deb7u15
CVE ID : CVE-2017-3135

CVE-2017-3135
Assertion failure when using DNS64 and RPZ can lead to crash.

For Debian 7 "Wheezy", these problems have been fixed in version
1:9.8.4.dfsg.P1-6+nmu2+deb7u15.

We recommend that you upgrade your bind9 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian7i386libbind-dev< 1:9.8.4.dfsg.P1-6+nmu2+deb7u15libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u15_i386.deb
Debian8mipsellibisccfg90< 1:9.9.5.dfsg-9+deb8u10libisccfg90_1:9.9.5.dfsg-9+deb8u10_mipsel.deb
Debian7armellwresd< 1:9.8.4.dfsg.P1-6+nmu2+deb7u15lwresd_1:9.8.4.dfsg.P1-6+nmu2+deb7u15_armel.deb
Debian8kfreebsd-i386libisc-export95< 1:9.9.5.dfsg-9+deb8u10libisc-export95_1:9.9.5.dfsg-9+deb8u10_kfreebsd-i386.deb
Debian8allbind9-doc< 1:9.9.5.dfsg-9+deb8u10bind9-doc_1:9.9.5.dfsg-9+deb8u10_all.deb
Debian8mipselbind9-host< 1:9.9.5.dfsg-9+deb8u10bind9-host_1:9.9.5.dfsg-9+deb8u10_mipsel.deb
Debian8kfreebsd-amd64libdns-export100< 1:9.9.5.dfsg-9+deb8u10libdns-export100_1:9.9.5.dfsg-9+deb8u10_kfreebsd-amd64.deb
Debian8arm64libirs-export91-udeb< 1:9.9.5.dfsg-9+deb8u10libirs-export91-udeb_1:9.9.5.dfsg-9+deb8u10_arm64.deb
Debian8i386libirs-export91-udeb< 1:9.9.5.dfsg-9+deb8u10libirs-export91-udeb_1:9.9.5.dfsg-9+deb8u10_i386.deb
Debian8armhflibdns-export100< 1:9.9.5.dfsg-9+deb8u10libdns-export100_1:9.9.5.dfsg-9+deb8u10_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	i386	libbind-dev	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u15	libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u15_i386.deb
Debian	8	mipsel	libisccfg90	< 1:9.9.5.dfsg-9+deb8u10	libisccfg90_1:9.9.5.dfsg-9+deb8u10_mipsel.deb
Debian	7	armel	lwresd	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u15	lwresd_1:9.8.4.dfsg.P1-6+nmu2+deb7u15_armel.deb
Debian	8	kfreebsd-i386	libisc-export95	< 1:9.9.5.dfsg-9+deb8u10	libisc-export95_1:9.9.5.dfsg-9+deb8u10_kfreebsd-i386.deb
Debian	8	all	bind9-doc	< 1:9.9.5.dfsg-9+deb8u10	bind9-doc_1:9.9.5.dfsg-9+deb8u10_all.deb
Debian	8	mipsel	bind9-host	< 1:9.9.5.dfsg-9+deb8u10	bind9-host_1:9.9.5.dfsg-9+deb8u10_mipsel.deb
Debian	8	kfreebsd-amd64	libdns-export100	< 1:9.9.5.dfsg-9+deb8u10	libdns-export100_1:9.9.5.dfsg-9+deb8u10_kfreebsd-amd64.deb
Debian	8	arm64	libirs-export91-udeb	< 1:9.9.5.dfsg-9+deb8u10	libirs-export91-udeb_1:9.9.5.dfsg-9+deb8u10_arm64.deb
Debian	8	i386	libirs-export91-udeb	< 1:9.9.5.dfsg-9+deb8u10	libirs-export91-udeb_1:9.9.5.dfsg-9+deb8u10_i386.deb
Debian	8	armhf	libdns-export100	< 1:9.9.5.dfsg-9+deb8u10	libdns-export100_1:9.9.5.dfsg-9+deb8u10_armhf.deb