bind-9.9.4-38.3.0.1.el7.AXS7
エラータID: AXSA:2017-1629:03
リリース日:
2017/04/21 Friday - 18:26
題名:
bind-9.9.4-38.3.0.1.el7.AXS7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 特有のクエリによって DNS64 を用いたサーバがアサーションの失敗と
停止を引き起こす脆弱性があります。
攻撃者が計画的にクエリを作成することができ,DNS64 機能と他の設定を
使用するように設定されている場合,サービス拒否を引き起こす
脆弱性があります。(CVE-2017-3136)
- CNAME あるいは DNAME リソースレコードを含むレスポンスの
アンサーセクションでレコードの順番についての誤った推測に
よって,レコードが普通の順番で並んでいない場合にレスポンスを
処理する際に,named がアサーションの失敗で終了してしまう脆弱性
があります。(CVE-2017-3137)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2017-3136
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
CVE-2017-3137
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
追加情報:
N/A
ダウンロード:
SRPMS
- bind-9.9.4-38.3.0.1.el7.AXS7.src.rpm
MD5: a129156907ca56eb14f463e94c2b7ea7
SHA-256: 3bbb969c881217addf0557015120898923c06f1d5b19528557b14b19a06ab33e
Size: 7.52 MB
Asianux Server 7 for x86_64
- bind-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: 793d4f71c5ea4f2a0f7edc09d6df0021
SHA-256: 46427420885e55f8731bef859cb9719bd02d34558e7acefdb9e3620f73c0a4e3
Size: 1.78 MB - bind-chroot-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: 9911bcb7bcb35c4c34f95769f5ba7989
SHA-256: 017af2ad8a64a5e466a3d6e6921dd9026f7c71c3c955cd22fe47c287d5e88173
Size: 84.05 kB - bind-libs-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: 2de4b9f7f71288a83c3f63c77a8b8991
SHA-256: c84dc88876234205c4cf8c35f77711b410851d806df9404aee6edcd4a08c39b6
Size: 1.00 MB - bind-libs-lite-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: 254f24d5f195d96e9b65be5ef47d3c29
SHA-256: 901186a7c3ff38ac77468865cb1b1b2e19b5e4a38269e4f1d9becaad5d4f90b0
Size: 728.84 kB - bind-license-9.9.4-38.3.0.1.el7.AXS7.noarch.rpm
MD5: 30bd7ef75d59d2f8d417432f7396be5f
SHA-256: 519d8f2783d046c0a9a97897ee7b0cc2ee72a626c0ff9452367728b7da1fd6b2
Size: 82.28 kB - bind-pkcs11-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: e48c4aad7edd0c10b4fd13a51d7aacb0
SHA-256: a33b60354c86f2739e51462417baa158c10f8315e48fa8d896fc05b2e665fe8d
Size: 294.34 kB - bind-pkcs11-libs-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: e78f9ddd99b524235515ee4ecdf09674
SHA-256: b1f451ec2b4f814ba4a05a79af2d9679b5292f221765b842dc4d8209e208b2ee
Size: 1.14 MB - bind-pkcs11-utils-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: 633f2ec98003caee1a854e1b4c028b3d
SHA-256: 9b409849c126082ebf5254c9c1e4da133dcc2208ef606d7260a87ffbdf83f0d7
Size: 195.50 kB - bind-utils-9.9.4-38.3.0.1.el7.AXS7.x86_64.rpm
MD5: 4bad3a87beef872403d55eeef3395a53
SHA-256: e610f9ef42694edaaa558486a1efd1ff1aedc4c97fe5968ce7b4d7b74d83585b
Size: 201.01 kB - bind-libs-9.9.4-38.3.0.1.el7.AXS7.i686.rpm
MD5: 75b0b1ee5ffb71c501b1748137c7665a
SHA-256: ab9c3da18a7f800848cb36fb129595966d4b0331d0517214c21dd1f65b446d23
Size: 0.98 MB - bind-libs-lite-9.9.4-38.3.0.1.el7.AXS7.i686.rpm
MD5: f9541ee72b8e023c7c37bd869d0d373d
SHA-256: 8ff08ed7578f8a2c3c7c9d85e4cb705ebe45441b1b1615d7840a234eac775637
Size: 718.79 kB - bind-pkcs11-libs-9.9.4-38.3.0.1.el7.AXS7.i686.rpm
MD5: 9c62b6040fb976889d1c5faffe6ebfec
SHA-256: e7d3b517e9edbf7af27b042364b28b5adb4c0c424476b520782aa25401532a54
Size: 1.12 MB