Fedora 26 : glibc (2017-92f8958310)

This update improves compatibility with legacy 32-bit i386 applications RHBZ1471427 and addresses a minor security vulnerability in the DNS stub resolver CVE-2017-12132. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

BIND: Multiple vulnerabilities

Background BIND Berkeley Internet Name Domain is a Name Server. Description Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact A remote attacker could send a specially crafted DNS request to the BIND resolver resulting in ...

OpenJDK: unrestricted access to com.sun.org.apache.xml.internal.resolver (JAXP, 8173286)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

Fedora Update for knot-resolver FEDORA-2017-4762689cb7

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for knot-resolver FEDORA-2017-b9433ad88e

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : knot-resolver (2017-4762689cb7)

New upstream release : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...

Fedora 25 : knot-resolver (2017-b9433ad88e)

New upstream release : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...

[SECURITY] Fedora 25 Update: knot-resolver-1.3.2-1.fc25

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

[SECURITY] Fedora 26 Update: knot-resolver-1.3.2-1.fc26

The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as...

Fedora Update for knot-resolver FEDORA-2017-e6aaef4475

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AIX bind Advisory : bind_advisory12.asc (IV84456) (IV84457) (IV84458) (IV84459) (IV84947) (IV84984) (IV85296) (IV85297) (IV85298)

The version of bind installed on the remote AIX host is affected by the following vulnerabilities : - A denial of service vulnerability exists in files sexpr.c and alist.c when handling control channel packets. An unauthenticated, remote attacker can exploit this, via crafted packets sent to the...

CVE-2017-12132

The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation...

GNU C Library DNS Spoofing Vulnerability

The GNU C Library aka glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in the DNS stub resolver in versions of the GNU C Library prior to 2.26. An attacker can exploit this vulnerability to perform an off-path DNS spoofing...

CVE-2017-12132

The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation...

CVE-2017-12132

Summary : CVE-2017-12132 affects the GNU C Library (glibc) DNS stub resolver, enabling off-path DNS spoofing attacks by eliciting large UDP responses when EDNS is enabled. IBM and related advisories reference this GLIBC flaw and tie it to affected IBM hardware/software bundles. What is affected (...

Moderate: Red Hat Bug Fix Advisory: bind bug fix update

An update for bind is now available for Red Hat Enterprise Linux 7. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for...

bind: Too long query name causes segmentation fault in lwresd

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or...

kernel: security: The built-in keyrings for security tokens can be joined as a session and then modified by the root user

It was discovered that root can gain direct access to an internal keyring, such as '.dnsresolver' in RHEL-7 or '.builtintrustedkeys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyri...

Fedora 24 : knot-resolver (2017-081fc9ad77)

Update to upstream version 1.3.1. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Fedora 26 : knot-resolver (2017-e6aaef4475)

build experimental command line interface 'kresc' Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...