Security update for bind (important)

2017-01-18T12:09:00
ID OPENSUSE-SU-2017:0193-1
Type suse
Reporter Suse
Modified 2017-01-18T12:09:00

Description

This update for bind fixes the following issues:

  • Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699]

  • Fix a potential assertion failure that could have been triggered by responding to a query with inconsistent DNSSEC information, thereby facilitating a denial-of-service attack. [CVE-2016-9147, bsc#1018701, bsc#1018699]

  • Fix potential assertion failure that could have been triggered by DNS responses that contain unusually-formed DS resource records, facilitating a denial-of-service attack. [CVE-2016-9444, bsc#1018702, bsc#1018699]

This update was imported from the SUSE:SLE-12-SP1:Update update project.