bind-9.9.4-29.3.0.1.el7.AXS7
エラータID: AXSA:2016-142:02
リリース日:
2016/03/17 Thursday - 15:22
題名:
bind-9.9.4-29.3.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
[修正内容]
以下項目について対処しました。
[Security Fix]
- ISC BIND の named には、 rndc 制御チャネルインタフェースへの不正なパケットによって、リモートの攻撃者が、サービス拒否(アサーションの失敗とデーモンの終了) を引き起こす脆弱性があります。(CVE-2016-1285)
- ISC BIND の named には、DNAME リソースレコードに対する巧妙に細工された署名リソースレコードによって、リモートの攻撃者が、サービス拒否 (アサーションの失敗とデーモンの終了) を引き起こす脆弱性があります。(CVE-2016-1286)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
CVE-2016-1286
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
追加情報:
N/A
ダウンロード:
SRPMS
- bind-9.9.4-29.3.0.1.el7.AXS7.src.rpm
MD5: c3c3398201d51bffcd8970f4dbfc430c
SHA-256: 03f2d01bc0fce4f15cdc0f2b947445742dcc0b5ce01bd12a6089b80dd4c0e540
Size: 7.45 MB
Asianux Server 7 for x86_64
- bind-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: 66a993e86db4f3e1147b4d8204d49b09
SHA-256: 486c0c3930d0202ec23f055534565bc232bb3c9b9ea6d1eec2acdb006760131f
Size: 1.77 MB - bind-chroot-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: c4b7da4941a0d2a1fe67c6540ad2c2b0
SHA-256: 6c5f4c1d7409761488098d2d29c4ae8b00ecd4f0efa7f716b067bee59fb06ff4
Size: 82.62 kB - bind-libs-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: ae29c321c87c8ce98c0bfb42152f9f50
SHA-256: 684d31ca9604b0cccfb68a2f831d2ad75fa5b867f8ee791567527c74b4860a60
Size: 0.99 MB - bind-libs-lite-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: 46e143e875f37140ccfbe17fccfe9c50
SHA-256: bd702bc5302632dd9bb68de024d2e609d74744db9e2987f09bad8711a38d5ee3
Size: 723.08 kB - bind-license-9.9.4-29.3.0.1.el7.AXS7.noarch.rpm
MD5: fa27eb5ff1559afd40b738af7ab2d22f
SHA-256: 8ccb5c9332ac0f546a0b8bd343940c4e3a6dfd36731a4d1855bc325a8b172cd1
Size: 80.85 kB - bind-pkcs11-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: b23d9960539b7ef11570de9bad5921b4
SHA-256: ec8ca1d51684f8e76801e048ffc89c11bb8b954fea63e69a34bf45b61c75a3b8
Size: 292.28 kB - bind-pkcs11-libs-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: 7ef33aa70846d4a4b5b76f679c9cf342
SHA-256: 2057e512b0e1f86fab6e2c004d8d594c140e0b8f7337ed50d8f3d5d50cebacb1
Size: 1.14 MB - bind-pkcs11-utils-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: 120bcb269e29fc9c1b44778f929d41c7
SHA-256: 7f237d45398169df8c7f274d92d3788b07a73aa3b03d4f1dfe6eaadc84e9414f
Size: 193.67 kB - bind-utils-9.9.4-29.3.0.1.el7.AXS7.x86_64.rpm
MD5: 7850efcfd8efc271c01b9de7870f3f87
SHA-256: 1c44432ededefc709ae637f74cb402c2ca741927a36f542847641aa67d15fa51
Size: 199.35 kB - bind-libs-9.9.4-29.3.0.1.el7.AXS7.i686.rpm
MD5: b0942046aef41497c59d5364932f85c2
SHA-256: 7959842c916ec922d7dc8ac30af15959190d0097f58b6c710821c60b1d45b3c6
Size: 0.98 MB - bind-libs-lite-9.9.4-29.3.0.1.el7.AXS7.i686.rpm
MD5: 007a0c2c277dc6974bced636a04297e8
SHA-256: 4615490e6afd21d17bec79f8de3860895c413f35f291896e6b46dfd0c9299471
Size: 712.17 kB - bind-pkcs11-libs-9.9.4-29.3.0.1.el7.AXS7.i686.rpm
MD5: 76702c863469f473b3db84c374208b98
SHA-256: 005bb2512019530c4c02716e65b46bc10fca65d20b3bb940491319c336d9f860
Size: 1.12 MB
English