[SECURITY] [DSA 3304-1] bind9 security update

2015-07-0719:54:36

lists.debian.org

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON

Debian Security Advisory DSA-3304-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
July 07, 2015 https://www.debian.org/security/faq

Package : bind9
CVE ID : CVE-2015-4620

Breno Silveira Soares of Servico Federal de Processamento de Dados
(SERPRO) discovered that the BIND DNS server is prone to a denial of
service vulnerability. A remote attacker who can cause a validating
resolver to query a zone containing specifically constructed contents
can cause the resolver to terminate with an assertion failure, resulting
in a denial of service to clients relying on the resolver.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u5.

For the stable distribution (jessie), this problem has been fixed in
version 1:9.9.5.dfsg-9+deb8u1.

For the testing distribution (stretch) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7allhost< 9.8.4.dfsg.P1-6+nmu2+deb7u5host_9.8.4.dfsg.P1-6+nmu2+deb7u5_all.deb
Debian7armhflibisccfg82< 9.8.4.dfsg.P1-6+nmu2+deb7u5libisccfg82_9.8.4.dfsg.P1-6+nmu2+deb7u5_armhf.deb
Debian8armhflibisccfg-export90< 9.9.5.dfsg-9+deb8u1libisccfg-export90_9.9.5.dfsg-9+deb8u1_armhf.deb
Debian8amd64libisccfg-export90< 9.9.5.dfsg-9+deb8u1libisccfg-export90_9.9.5.dfsg-9+deb8u1_amd64.deb
Debian8armhflibisc-export95< 9.9.5.dfsg-9+deb8u1libisc-export95_9.9.5.dfsg-9+deb8u1_armhf.deb
Debian7i386libbind9-80< 9.8.4.dfsg.P1-6+nmu2+deb7u5libbind9-80_9.8.4.dfsg.P1-6+nmu2+deb7u5_i386.deb
Debian7ia64dnsutils< 9.8.4.dfsg.P1-6+nmu2+deb7u5dnsutils_9.8.4.dfsg.P1-6+nmu2+deb7u5_ia64.deb
Debian8mipslwresd< 9.9.5.dfsg-9+deb8u1lwresd_9.9.5.dfsg-9+deb8u1_mips.deb
Debian7armhfbind9utils< 9.8.4.dfsg.P1-6+nmu2+deb7u5bind9utils_9.8.4.dfsg.P1-6+nmu2+deb7u5_armhf.deb
Debian8armelbind9-host< 9.9.5.dfsg-9+deb8u1bind9-host_9.9.5.dfsg-9+deb8u1_armel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	all	host	< 9.8.4.dfsg.P1-6+nmu2+deb7u5	host_9.8.4.dfsg.P1-6+nmu2+deb7u5_all.deb
Debian	7	armhf	libisccfg82	< 9.8.4.dfsg.P1-6+nmu2+deb7u5	libisccfg82_9.8.4.dfsg.P1-6+nmu2+deb7u5_armhf.deb
Debian	8	armhf	libisccfg-export90	< 9.9.5.dfsg-9+deb8u1	libisccfg-export90_9.9.5.dfsg-9+deb8u1_armhf.deb
Debian	8	amd64	libisccfg-export90	< 9.9.5.dfsg-9+deb8u1	libisccfg-export90_9.9.5.dfsg-9+deb8u1_amd64.deb
Debian	8	armhf	libisc-export95	< 9.9.5.dfsg-9+deb8u1	libisc-export95_9.9.5.dfsg-9+deb8u1_armhf.deb
Debian	7	i386	libbind9-80	< 9.8.4.dfsg.P1-6+nmu2+deb7u5	libbind9-80_9.8.4.dfsg.P1-6+nmu2+deb7u5_i386.deb
Debian	7	ia64	dnsutils	< 9.8.4.dfsg.P1-6+nmu2+deb7u5	dnsutils_9.8.4.dfsg.P1-6+nmu2+deb7u5_ia64.deb
Debian	8	mips	lwresd	< 9.9.5.dfsg-9+deb8u1	lwresd_9.9.5.dfsg-9+deb8u1_mips.deb
Debian	7	armhf	bind9utils	< 9.8.4.dfsg.P1-6+nmu2+deb7u5	bind9utils_9.8.4.dfsg.P1-6+nmu2+deb7u5_armhf.deb
Debian	8	armel	bind9-host	< 9.9.5.dfsg-9+deb8u1	bind9-host_9.9.5.dfsg-9+deb8u1_armel.deb