Security update for bind SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:1250-2 Final 1 1 2015-07-09T10:44:21Z current 2015-07-09T10:44:21Z 2015-07-09T10:44:21Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for bind bind was updated to fix three security issues. These security issues were fixed: - CVE-2015-1349: named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allowed remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use (bsc#918330). - CVE-2014-8500: ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 did not limit delegation chaining, which allowed remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals (bsc#908994). - CVE-2015-4620: Resolver crash when validating (bsc#936476). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-07/msg00039.html E-Mail link for openSUSE-SU-2015:1250-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings bind-9.9.4P2-2.11.1 bind-chrootenv-9.9.4P2-2.11.1 bind-devel-9.9.4P2-2.11.1 bind-doc-9.9.4P2-2.11.1 bind-libs-9.9.4P2-2.11.1 bind-libs-32bit-9.9.4P2-2.11.1 bind-lwresd-9.9.4P2-2.11.1 bind-utils-9.9.4P2-2.11.1 ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals. CVE-2014-8500 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-07/msg00039.html https://www.suse.com/security/cve/CVE-2014-8500.html CVE-2014-8500 https://bugzilla.suse.com/908994 SUSE Bug 908994 named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use. CVE-2015-1349 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-07/msg00039.html https://www.suse.com/security/cve/CVE-2015-1349.html CVE-2015-1349 https://bugzilla.suse.com/918330 SUSE Bug 918330 name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone. CVE-2015-4620 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-07/msg00039.html https://www.suse.com/security/cve/CVE-2015-4620.html CVE-2015-4620 https://bugzilla.suse.com/936476 SUSE Bug 936476