Advisories ยป MGASA-2015-0272

Updated bind package fixes security vulnerability

Publication date: 09 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-4620

Description

A recursive resolver that is performing DNSSEC validation can be
deliberately terminated by any attacker who can cause a query to be
performed against a maliciously constructed zone.  This will result in a
denial of service to clients who rely on that resolver (CVE-2015-4620).

Note that DNSSEC validation is not enabled by default.
                

References

SRPMS

4/core

5/core