Advisories » MGASA-2018-0092

Updated bind packages fix security vulnerability

Publication date: 24 Jan 2018
Modification date: 24 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-3145

Description

BIND was improperly sequencing cleanup operations on upstream recursion
fetch contexts, leading in some cases to a use-after-free error that can
trigger an assertion failure and crash in named (CVE-2017-3145).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22409
• https://kb.isc.org/article/AA-01542
• https://kb.isc.org/article/AA-01548
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145

SRPMS

6/core

• bind-9.10.6.P1-1.mga6