773 – [SECURITY] Update bind to 9.5.2-P1

Bug 773 - [SECURITY] Update bind to 9.5.2-P1

Summary: [SECURITY] Update bind to 9.5.2-P1

Status:	RESOLVED FIXED

Alias:	None

Product:	buildroot
Classification:	Unclassified
Component:	Outdated package (show other bugs)
Version:	unspecified
Hardware:	PC Linux

Importance:	P5 major
Target Milestone:	---
Assignee:	unassigned

URL:	http://cve.mitre.org/cgi-bin/cvename....
Keywords:

Depends on:
Blocks:

Reported:	2009-12-03 16:28 UTC by Gustavo Zacarias
Modified:	2009-12-06 19:11 UTC (History)
CC List:	1 user (show)

See Also:
Host:	i686-linux
Target:	arm-softfloat-linux-uclibcgnueabi
Build:

Attachments
Update bind to 9.5.2-P1 (2.29 KB, patch) 2009-12-03 16:28 UTC, Gustavo Zacarias	Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Gustavo Zacarias 2009-12-03 16:28:53 UTC

Created attachment 805 [details]
Update bind to 9.5.2-P1

Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)."

Comment 1 Peter Korsgaard 2009-12-06 19:11:48 UTC

Committed, thanks.