Updated bind packages fix security vulnerability
Publication date: 23 Aug 2018Type: security
Affected Mageia releases : 6
CVE: CVE-2018-5740
Description
Updated bind packages fix security vulnerability: In ISC BIND, a defect in thie "deny-answer-aliases" feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients (CVE-2018-5740). Note that only servers which have explicitly enabled the "deny-answer-aliases" feature are at risk and disabling the feature prevents exploitation.
References
SRPMS
6/core
- bind-9.10.8.P1-1.mga6