bind-9.8.2-0.62.1.0.1.rc1.AXS4
エラータID: AXSA:2017-1631:03
リリース日:
2017/04/21 Friday - 19:27
題名:
bind-9.8.2-0.62.1.0.1.rc1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 特有のクエリによって DNS64 を用いたサーバがアサーションの失敗と
停止を引き起こす脆弱性があります。
攻撃者が計画的にクエリを作成することができ,DNS64 機能と他の設定を
使用するように設定されている場合,サービス拒否を引き起こす
脆弱性があります。(CVE-2017-3136)
- CNAME あるいは DNAME リソースレコードを含むレスポンスの
アンサーセクションでレコードの順番についての誤った推測に
よって,レコードが普通の順番で並んでいない場合にレスポンスを
処理する際に,named がアサーションの失敗で終了してしまう脆弱性
があります。(CVE-2017-3137)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2017-3136
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
CVE-2017-3137
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
追加情報:
N/A
ダウンロード:
SRPMS
- bind-9.8.2-0.62.1.0.1.rc1.AXS4.src.rpm
MD5: 41c69d0744590c220b3e792deebe454e
SHA-256: 39a08bc64ca8f40bbcebd283d883b06e17228fcd21978d830305fcf41c867981
Size: 8.46 MB
Asianux Server 4 for x86
- bind-9.8.2-0.62.1.0.1.rc1.AXS4.i686.rpm
MD5: a6007c2b8524a65a409953c77b36667c
SHA-256: 07ee81e62b66f90f066eaf948b7c4d95cf4396888e4c87ab86e1007657a0a807
Size: 4.00 MB - bind-chroot-9.8.2-0.62.1.0.1.rc1.AXS4.i686.rpm
MD5: b6910bc0bf4cea00f28fbb27d48218a2
SHA-256: 97cae1b68eb20c873efdeebd6b8759c14ee6eb13e0677415e1cdfd814fb77938
Size: 76.75 kB - bind-libs-9.8.2-0.62.1.0.1.rc1.AXS4.i686.rpm
MD5: 2c24b6016980fed3b1439edeb12cd2db
SHA-256: ab9bb96dbdbd3b7b3837713d871f5ea335ec7d0af96565680da7f83aafa3b95c
Size: 902.32 kB - bind-utils-9.8.2-0.62.1.0.1.rc1.AXS4.i686.rpm
MD5: 548d36a0c4a070835825d75a25313138
SHA-256: 1d4a781893d2c3cb7952ad5cc8808b74b03d5e0d20f105e17b2b9a24a3855d1b
Size: 187.10 kB
Asianux Server 4 for x86_64
- bind-9.8.2-0.62.1.0.1.rc1.AXS4.x86_64.rpm
MD5: 2cb60ffe2fda345ea8bd4cc3bc7e3008
SHA-256: f65852232b99bc4f93bbb6751a482cd752662f09c29414e2f178a700f806217f
Size: 4.00 MB - bind-chroot-9.8.2-0.62.1.0.1.rc1.AXS4.x86_64.rpm
MD5: 99f7920db4d69fe58acaf677659e3a70
SHA-256: 6a29d0d43d513b178d57c47dfb63ca34f42457a3f830b08e2b50ce9db0aacd33
Size: 76.31 kB - bind-libs-9.8.2-0.62.1.0.1.rc1.AXS4.x86_64.rpm
MD5: 575ca48f87b735d50703319291801db8
SHA-256: 80e47a2346708c6ea78a9aea2f1b27bb0a90dab7f7ac8bca5711ebb460f8d56a
Size: 890.35 kB - bind-utils-9.8.2-0.62.1.0.1.rc1.AXS4.x86_64.rpm
MD5: 675f6d0f25c1eb9235dc9d84e3c54d2c
SHA-256: 63e11ab95ea83934e3d7c5156922028bc5daf5ffce63df54c62faddfca9c11d3
Size: 187.70 kB - bind-libs-9.8.2-0.62.1.0.1.rc1.AXS4.i686.rpm
MD5: 2c24b6016980fed3b1439edeb12cd2db
SHA-256: ab9bb96dbdbd3b7b3837713d871f5ea335ec7d0af96565680da7f83aafa3b95c
Size: 902.32 kB