MGASA-2016-0332

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0332.html

Import Source

https://advisories.mageia.org/MGASA-2016-0332.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2016-0332

Related

Published

2016-10-04T12:20:54Z

Modified

2016-10-04T12:12:57Z

Summary

Updated bind packages fix security vulnerability

Details

The lwresd component in BIND (which is not enabled by default) could crash while processing an overlong request name. This could lead to a denial of service (CVE-2016-2775).

A crafted query could crash the BIND name server daemon, leading to a denial of service. All server roles (authoritative, recursive and forwarding) in default configurations are affected (CVE-2016-2776).

A conflict between the bind and bind-doc packages has also been fixed (mga#10880).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / bind

Package

Name: bind
Purl: pkg:rpm/mageia/bind?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.10.3.P4-1.1.mga5

Ecosystem specific

{
    "section": "core"
}