Summary: | <net-dns/bind-9.9.2_p1: DNS64 REQUIRE Assertion Failure Denial of Service Vulnerability (CVE-2012-5688) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | idl0r, ronie |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/51484/ | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2012-12-05 13:32:50 UTC
net-dns/bind-9.9.2_p1 is in the tree. Feel free to stabilize it. CVE-2012-5688 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5688): ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. (In reply to comment #1) > net-dns/bind-9.9.2_p1 is in the tree. Feel free to stabilize it. Thanks, Christian. Arches, please test and mark stable. =net-dns/bind-9.9.2_p1 Target KEYWORDS: "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" *** Bug 445924 has been marked as a duplicate of this bug. *** amd64 stable Stable for HPPA. x86 stable ppc stable ppc64 stable ia64 stable sparc stable alpha stable arm stable s390/sh stable Thanks, everyone. GLSA vote: yes. Thanks, folks. GLSA Vote: yes, too. Added to existing GLSA request. This issue was resolved and addressed in GLSA 201401-34 at http://security.gentoo.org/glsa/glsa-201401-34.xml by GLSA coordinator Sean Amoss (ackle). |