Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 499074 - net-dns/bind-9.9.4_p1 update request to _p2 (DoS vulnerability, CVE-2014-0591)
Summary: net-dns/bind-9.9.4_p1 update request to _p2 (DoS vulnerability, CVE-2014-0591)
Status: RESOLVED DUPLICATE of bug 498016
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal critical (vote)
Assignee: Gentoo Linux bug wranglers
URL: https://kb.isc.org/article/AA-01078/0
Whiteboard:
Keywords: Bug, EBUILD, SECURITY
Depends on:
Blocks:
 
Reported: 2014-01-23 20:33 UTC by Mark (voidzero)
Modified: 2014-01-23 21:13 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mark (voidzero) 2014-01-23 20:33:18 UTC
I am affected by the following problems:

CVE-2014-0591: "A Crafted Query Against an NSEC3-signed Zone Can Crash BIND"
https://kb.isc.org/article/AA-01078/0

The crashes, in my case occur due to glibc 2.18 but there are also problems that are unrelated to the glibc version being used.

In my case the problem is described here:
CVE-2014-0591 FAQ and addendum
https://kb.isc.org/article/AA-01085

Please update to 9.9.4_p2 at the earliest convenience. Thank you.
Comment 1 Alex Xu (Hello71) 2014-01-23 21:13:25 UTC

*** This bug has been marked as a duplicate of bug 498016 ***