Advisories ยป MGASA-2015-0481

Updated bind packages fix security vulnerability

Publication date: 20 Dec 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-8000


An error in the parsing of incoming responses allows some records with
an incorrect class to be accepted by BIND instead of being rejected as
malformed. This can trigger a REQUIRE assertion failure when those
records are subsequently cached. Intentional exploitation of this
condition is possible and could be used as a denial-of-service vector
against servers performing recursive queries (CVE-2015-8000).