Articles / SuSE: New bind packages fix…

SuSE: New bind packages fix remote denial of service

A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers (recursive as well as authoritative) to exit. Updated packages are available from download.opensuse.org.

  openSUSE Security Update: bind: fixing remote Denial of Service (CVE-2011-2464)
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2011:0788-1
Rating:             important
References:         #703907 
Cross-References:   CVE-2011-2464
Affected Products:
                   openSUSE 11.4
                   openSUSE 11.3
______________________________________________________________________________

  An update that fixes one vulnerability is now available. It
  includes one version update.

Description:

  A remote Denial of Service vulnerability has been fixed in
  bind.  Specially crafted packets could cause bind servers
  (recursive as well as authoritative) to exit.
  CVE-2011-2464  has been assigned to this issue.


Special Instructions and Notes:

  This update triggers a restart of the software management
  stack. More updates will be available for installation
  after applying this update and restarting the application.
  This update triggers a restart of the software management
  stack. More updates will be available for installation
  after applying this update and restarting the application.
  This update triggers a restart of the software management
  stack. More updates will be available for installation
  after applying this update and restarting the application.

Patch Instructions:

  To install this openSUSE Security Update use YaST online_update.
  Alternatively you can run the command listed for your product:

  - openSUSE 11.4:

     zypper in -t patch bind-4843

  - openSUSE 11.3:

     zypper in -t patch bind-4843

  To bring your system up-to-date, use "zypper patch".


Package List:

  - openSUSE 11.4 (i586 x86_64) [New Version: 9.7.3P3]:

     bind-9.7.3P3-0.2.1
     bind-chrootenv-9.7.3P3-0.2.1
     bind-devel-9.7.3P3-0.2.1
     bind-libs-9.7.3P3-0.2.1
     bind-utils-9.7.3P3-0.2.1

  - openSUSE 11.4 (x86_64) [New Version: 9.7.3P3]:

     bind-libs-32bit-9.7.3P3-0.2.1

  - openSUSE 11.4 (noarch) [New Version: 9.7.3P3]:

     bind-doc-9.7.3P3-0.2.1

  - openSUSE 11.3 (i586 x86_64) [New Version: 9.7.3P3]:

     bind-9.7.3P3-0.2.1
     bind-chrootenv-9.7.3P3-0.2.1
     bind-devel-9.7.3P3-0.2.1
     bind-libs-9.7.3P3-0.2.1
     bind-utils-9.7.3P3-0.2.1

  - openSUSE 11.3 (x86_64) [New Version: 9.7.3P3]:

     bind-libs-32bit-9.7.3P3-0.2.1

  - openSUSE 11.3 (noarch) [New Version: 9.7.3P3]:

     bind-doc-9.7.3P3-0.2.1


References:

  http://support.novell.com/security/cve/CVE-2011-2464.html
  https://bugzilla.novell.com/703907
Screenshot

Project Spotlight

Kigo Video Converter Ultimate for Mac

A tool for converting and editing videos.

Screenshot

Project Spotlight

Kid3

An efficient tagger for MP3, Ogg/Vorbis, and FLAC files.