MDVSA-2012:177

Package name

bind

Date

2012-12-05

Advisory ID

MDVSA-2012:177

Affected versions

2011 i586 , 2011 x86_64

Problem description

A vulnerability was discovered and corrected in bind:

BIND 9 nameservers using the DNS64 IPv6 transition mechanism are
vulnerable to a software defect that allows a crafted query to crash
the server with a REQUIRE assertion failure. Remote exploitation
of this defect can be achieved without extensive effort, resulting
in a denial-of-service (DoS) vector against affected servers
(CVE-2012-5688).

The updated packages have been upgraded to bind 9.8.4-P1 which is
not vulnerable to this issue.

Updated packages

2011 i586

 66bdbc7b626996ea2ce4771aa9504cf7  2011/i586/bind-9.8.4-0.0.P1.0.1-mdv2011.0.i586.rpm
 f3ff266312bc9c89c1b70c8bc2a68ce5  2011/i586/bind-devel-9.8.4-0.0.P1.0.1-mdv2011.0.i586.rpm
 3d1801ced41b296442954edfe226200f  2011/i586/bind-doc-9.8.4-0.0.P1.0.1-mdv2011.0.i586.rpm
 5260c5359ba15554d18658200337b21e  2011/i586/bind-utils-9.8.4-0.0.P1.0.1-mdv2011.0.i586.rpm 
 19e315c74dd39bc3daed386f9bafda0b  2011/SRPMS/bind-9.8.4-0.0.P1.0.1.src.rpm

2011 x86_64

 98d25a8e80c2ae965e108bd47d327331  2011/x86_64/bind-9.8.4-0.0.P1.0.1-mdv2011.0.x86_64.rpm
 24b3b7e32fe30433bbc3ebc6da14252b  2011/x86_64/bind-devel-9.8.4-0.0.P1.0.1-mdv2011.0.x86_64.rpm
 09b0579ab3053e306453e1d9a77de0f9  2011/x86_64/bind-doc-9.8.4-0.0.P1.0.1-mdv2011.0.x86_64.rpm
 8d375b75c5f340bf71b633672367eb84  2011/x86_64/bind-utils-9.8.4-0.0.P1.0.1-mdv2011.0.x86_64.rpm 
 19e315c74dd39bc3daed386f9bafda0b  2011/SRPMS/bind-9.8.4-0.0.P1.0.1.src.rpm

References

• ftp://ftp.isc.org/isc/bind9/9.8.4-P1/CHANGES
• https://kb.isc.org/article/AA-00828
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688