bind-9.8.2-0.37.7.0.1.rc1.AXS4
エラータID: AXSA:2016-143:02
リリース日:
2016/03/17 Thursday - 16:03
題名:
bind-9.8.2-0.37.7.0.1.rc1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
[修正内容]
以下項目について対処しました。
[Security Fix]
- ISC BIND の named には、 rndc 制御チャネルインタフェースへの不正なパケットによって、リモートの攻撃者が、サービス拒否(アサーションの失敗とデーモンの終了) を引き起こす脆弱性があります。(CVE-2016-1285)
- ISC BIND の named には、DNAME リソースレコードに対する巧妙に細工された署名リソースレコードによって、リモートの攻撃者が、サービス拒否 (アサーションの失敗とデーモンの終了) を引き起こす脆弱性があります。(CVE-2016-1286)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-1285
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
CVE-2016-1286
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
追加情報:
N/A
ダウンロード:
SRPMS
- bind-9.8.2-0.37.7.0.1.rc1.AXS4.src.rpm
MD5: c24d7e9f922d577883bec9460cb9d96b
SHA-256: 1215a63f623843ca0b68995e927aa16fdb0a52ffbe9303de06adbf4f5bdc7909
Size: 8.41 MB
Asianux Server 4 for x86
- bind-9.8.2-0.37.7.0.1.rc1.AXS4.i686.rpm
MD5: 3fabe88a4c54c52e13504b5a937e7ac6
SHA-256: 5a80754bf2fbaa831675b7ecc1ec46ad732cb2a56ad96fd93de178d8a5da182d
Size: 3.99 MB - bind-chroot-9.8.2-0.37.7.0.1.rc1.AXS4.i686.rpm
MD5: 523055fc212bb69f262e6a329d6090e7
SHA-256: e4e50414637113f1ac8962e466e004893c8af8cee4ffe2840a92c335f56aba15
Size: 74.16 kB - bind-libs-9.8.2-0.37.7.0.1.rc1.AXS4.i686.rpm
MD5: 8c4b9b7c15ab7bc4d5d09d8acf63656a
SHA-256: 1cf719062187aef1a11e5c501b8381fb1c9089e710c20ab83656cc157796fe57
Size: 897.49 kB - bind-utils-9.8.2-0.37.7.0.1.rc1.AXS4.i686.rpm
MD5: 2ac0b1e6dd60fda1f4ff358e5baccdbd
SHA-256: 684985dd75fa0991b6c6a6336b643e6e6a8696ab5bea969cd2452e88753041ce
Size: 184.78 kB
Asianux Server 4 for x86_64
- bind-9.8.2-0.37.7.0.1.rc1.AXS4.x86_64.rpm
MD5: d868bb109ff3f9476910840142b586cb
SHA-256: b59ea3c1ba4901892fa3abcfe3d232afe392a1c3522678ad14bf81e182fd8a14
Size: 3.98 MB - bind-chroot-9.8.2-0.37.7.0.1.rc1.AXS4.x86_64.rpm
MD5: 62680e5d52beba4e2ca221a1671def95
SHA-256: e3771bae1c8f2517b0873dd01c739073fd141bb8b4e5c5ef1289dcce2a741266
Size: 73.73 kB - bind-libs-9.8.2-0.37.7.0.1.rc1.AXS4.x86_64.rpm
MD5: 32881f7a1f730b3c27d6d728c9a4a405
SHA-256: f155b0c4253575a19b430e4b05476051c89de14554d4dc8aeba862d0e4551399
Size: 885.77 kB - bind-utils-9.8.2-0.37.7.0.1.rc1.AXS4.x86_64.rpm
MD5: 5f7a22aec5578a49b77a448127025a2b
SHA-256: dc58cf260142594ea668edf2f340564ad3e18d7e2b215f8585c47971b7690015
Size: 185.44 kB - bind-libs-9.8.2-0.37.7.0.1.rc1.AXS4.i686.rpm
MD5: 8c4b9b7c15ab7bc4d5d09d8acf63656a
SHA-256: 1cf719062187aef1a11e5c501b8381fb1c9089e710c20ab83656cc157796fe57
Size: 897.49 kB
English