MGASA-2012-0287
| Date: | October 11th, 2012 |
| Affected releases: | 1, 2 |
Description:
Updated bind packages fix security vulnerability:
A certain combination of records in the RBT could cause named to hang
while populating the additional section of a response. (CVE-2012-5166).
Updated Packages:
Mageia 1:
bind-9.8.3P4-1.mga1
bind-utils-9.8.3P4-1.mga1
bind-devel-9.8.3P4-1.mga1
bind-doc-9.8.3P4-1.mga1
Mageia 2:
bind-9.9.1.P4-1.mga2
bind-sdb-9.9.1.P4-1.mga2
bind-utils-9.9.1.P4-1.mga2
bind-devel-9.9.1.P4-1.mga2
bind-doc-9.9.1.P4-1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166
ftp://ftp.isc.org/isc/bind/9.8.3-P4/CHANGES
ftp://ftp.isc.org/isc/bind/9.9.1-P4/CHANGES
ftp://ftp.isc.org/isc/bind9/9.8.3-P4/RELEASE-NOTES-BIND-9.8.3-P4.txt
ftp://ftp.isc.org/isc/bind9/9.9.1-P4/RELEASE-NOTES-BIND-9.9.1-P4.txt
https://kb.isc.org/article/AA-00801
http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:162
https://bugs.mageia.org/show_bug.cgi?id=7762
