Lucene search

DebianDEBIAN:DSA-3449-1:81E4D

HistoryJan 19, 2016 - 8:45 p.m.

[SECURITY] [DSA 3449-1] bind9 security update

2016-01-1920:45:23

lists.debian.org

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.958 High

EPSS

Percentile

99.5%

JSON

Debian Security Advisory DSA-3449-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
January 19, 2016 https://www.debian.org/security/faq

Package : bind9
CVE ID : CVE-2015-8704

It was discovered that specific APL RR data could trigger an INSIST
failure in apl_42.c and cause the BIND DNS server to exit, leading to a
denial-of-service.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9.

For the stable distribution (jessie), this problem has been fixed in
version 1:9.9.5.dfsg-9+deb8u5.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7i386libbind-dev< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_i386.deb
Debian7mipsdnsutils< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9dnsutils_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_mips.deb
Debian8armellibbind9-90< 1:9.9.5.dfsg-9+deb8u5libbind9-90_1:9.9.5.dfsg-9+deb8u5_armel.deb
Debian8s390xlibisccfg-export90-udeb< 1:9.9.5.dfsg-9+deb8u5libisccfg-export90-udeb_1:9.9.5.dfsg-9+deb8u5_s390x.deb
Debian7kfreebsd-amd64libbind-dev< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_kfreebsd-amd64.deb
Debian8armhfbind9utils< 1:9.9.5.dfsg-9+deb8u5bind9utils_1:9.9.5.dfsg-9+deb8u5_armhf.deb
Debian7mipslibbind9-80< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9libbind9-80_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_mips.deb
Debian7armhflibbind-dev< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_armhf.deb
Debian8mipslibbind9-90< 1:9.9.5.dfsg-9+deb8u5libbind9-90_1:9.9.5.dfsg-9+deb8u5_mips.deb
Debian7kfreebsd-i386libisccc80< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9libisccc80_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_kfreebsd-i386.deb

OS	Version	Architecture	Package	Version	Filename
Debian	7	i386	libbind-dev	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9	libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_i386.deb
Debian	7	mips	dnsutils	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9	dnsutils_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_mips.deb
Debian	8	armel	libbind9-90	< 1:9.9.5.dfsg-9+deb8u5	libbind9-90_1:9.9.5.dfsg-9+deb8u5_armel.deb
Debian	8	s390x	libisccfg-export90-udeb	< 1:9.9.5.dfsg-9+deb8u5	libisccfg-export90-udeb_1:9.9.5.dfsg-9+deb8u5_s390x.deb
Debian	7	kfreebsd-amd64	libbind-dev	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9	libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_kfreebsd-amd64.deb
Debian	8	armhf	bind9utils	< 1:9.9.5.dfsg-9+deb8u5	bind9utils_1:9.9.5.dfsg-9+deb8u5_armhf.deb
Debian	7	mips	libbind9-80	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9	libbind9-80_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_mips.deb
Debian	7	armhf	libbind-dev	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9	libbind-dev_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_armhf.deb
Debian	8	mips	libbind9-90	< 1:9.9.5.dfsg-9+deb8u5	libbind9-90_1:9.9.5.dfsg-9+deb8u5_mips.deb
Debian	7	kfreebsd-i386	libisccc80	< 1:9.8.4.dfsg.P1-6+nmu2+deb7u9	libisccc80_1:9.8.4.dfsg.P1-6+nmu2+deb7u9_kfreebsd-i386.deb