| Summary: | [SECURITY] Update bind to 9.5.2-P1 | ||
|---|---|---|---|
| Product: | buildroot | Reporter: | Gustavo Zacarias <gustavo> |
| Component: | Outdated package | Assignee: | unassigned |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | buildroot |
| Priority: | P5 | ||
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| URL: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 | ||
| Host: | i686-linux | Target: | arm-softfloat-linux-uclibcgnueabi |
| Build: | |||
| Attachments: | Update bind to 9.5.2-P1 | ||
Committed, thanks. |
Created attachment 805 [details] Update bind to 9.5.2-P1 Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)."