{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20171027",
"Version": "oval:org.altlinux.errata:def:20171027",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2017-1027: package `bind` update to version 9.9.9-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2017-1027",
"RefURL": "https://errata.altlinux.org/ALT-PU-2017-1027",
"Source": "ALTPU"
},
{
"RefID": "BDU:2015-12237",
"RefURL": "https://bdu.fstec.ru/vul/2015-12237",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00941",
"RefURL": "https://bdu.fstec.ru/vul/2016-00941",
"Source": "BDU"
},
{
"RefID": "BDU:2016-00942",
"RefURL": "https://bdu.fstec.ru/vul/2016-00942",
"Source": "BDU"
},
{
"RefID": "CVE-2015-8000",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-8000",
"Source": "CVE"
},
{
"RefID": "CVE-2015-8461",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2015-8461",
"Source": "CVE"
},
{
"RefID": "CVE-2016-1285",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-1285",
"Source": "CVE"
},
{
"RefID": "CVE-2016-1286",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2016-1286",
"Source": "CVE"
},
{
"RefID": "CVE-2017-3135",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-3135",
"Source": "CVE"
}
],
"Description": "This update upgrades bind to version 9.9.9-alt1. \nSecurity Fix(es):\n\n * BDU:2015-12237: Уязвимость сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2016-00941: Уязвимость сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2016-00942: Уязвимость сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2015-8000: db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.\n\n * CVE-2015-8461: Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.\n\n * CVE-2016-1285: named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.\n\n * CVE-2016-1286: named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.\n\n * CVE-2017-3135: Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2017-01-12"
},
"Updated": {
"Date": "2017-01-12"
},
"BDUs": [
{
"ID": "BDU:2015-12237",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CWE": "CWE-367",
"Href": "https://bdu.fstec.ru/vul/2015-12237",
"Impact": "High",
"Public": "20151208"
},
{
"ID": "BDU:2016-00941",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2016-00941",
"Impact": "Low",
"Public": "20160310"
},
{
"ID": "BDU:2016-00942",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2016-00942",
"Impact": "Low",
"Public": "20160310"
}
],
"CVEs": [
{
"ID": "CVE-2015-8000",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-8000",
"Impact": "Low",
"Public": "20151216"
},
{
"ID": "CVE-2015-8461",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2015-8461",
"Impact": "High",
"Public": "20151216"
},
{
"ID": "CVE-2016-1285",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-1285",
"Impact": "Low",
"Public": "20160309"
},
{
"ID": "CVE-2016-1286",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2016-1286",
"Impact": "High",
"Public": "20160309"
},
{
"ID": "CVE-2017-3135",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-3135",
"Impact": "Low",
"Public": "20190116"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20171027001",
"Comment": "bind is earlier than 0:9.9.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171027002",
"Comment": "bind-devel is earlier than 0:9.9.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171027003",
"Comment": "bind-doc is earlier than 0:9.9.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171027004",
"Comment": "bind-utils is earlier than 0:9.9.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171027005",
"Comment": "libbind is earlier than 0:9.9.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171027006",
"Comment": "libisc-export is earlier than 0:9.9.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171027007",
"Comment": "libisc-export-devel is earlier than 0:9.9.9-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20171027008",
"Comment": "lwresd is earlier than 0:9.9.9-alt1"
}
]
}
]
}
}
]
}