Updated bind package fixes security vulnerability
Publication date: 09 Jul 2015Modification date: 09 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-4620
Description
A recursive resolver that is performing DNSSEC validation can be
deliberately terminated by any attacker who can cause a query to be
performed against a maliciously constructed zone. This will result in a
denial of service to clients who rely on that resolver (CVE-2015-4620).
Note that DNSSEC validation is not enabled by default.
References
SRPMS
4/core
- bind-9.9.7.P1-1.mga4
5/core
- bind-9.10.2.P2-1.mga5