Security update for bind SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2015:1304-1 Final 1 1 2015-07-28T13:37:03Z current 2015-07-28T13:37:03Z 2015-07-28T13:37:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for bind bind was updated to fix one security issue. This security issue was fixed: - CVE-2015-5477: Remote DoS via TKEY queries (bsc#939567) Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-bind-12008,sdksp4-bind-12008,sledsp3-bind-12008,sledsp4-bind-12008,slessp2-bind-12008,slessp3-bind-12008,slessp4-bind-12008 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2015/suse-su-20151304-1/ Link for SUSE-SU-2015:1304-1 https://lists.suse.com/pipermail/sle-security-updates/2015-July/001512.html E-Mail link for SUSE-SU-2015:1304-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/939567 SUSE Bug 939567 https://www.suse.com/security/cve/CVE-2015-5477/ SUSE CVE CVE-2015-5477 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 bind-devel-9.9.6P1-0.12.1 bind-devel-32bit-9.9.6P1-0.12.1 bind-libs-9.9.6P1-0.12.1 bind-libs-32bit-9.9.6P1-0.12.1 bind-utils-9.9.6P1-0.12.1 bind-9.9.6P1-0.12.1 bind-chrootenv-9.9.6P1-0.12.1 bind-doc-9.9.6P1-0.12.1 bind-libs-x86-9.9.6P1-0.12.1 bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Desktop 11 SP4 bind-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-chrootenv-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-devel-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-doc-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3 bind-chrootenv-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3 bind-doc-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3 bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3 bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3 bind-libs-x86-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3 bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3 bind-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-chrootenv-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-doc-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-libs-x86-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-chrootenv-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-doc-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-libs-x86-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 bind-chrootenv-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 bind-doc-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 bind-libs-x86-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 bind-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-chrootenv-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-doc-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-libs-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-libs-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-libs-x86-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-utils-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-devel-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 bind-devel-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 bind-devel-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 bind-devel-32bit-9.9.6P1-0.12.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. CVE-2015-5477 SUSE Linux Enterprise Desktop 11 SP3:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Desktop 11 SP3:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Desktop 11 SP3:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Desktop 11 SP4:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Desktop 11 SP4:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Desktop 11 SP4:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-chrootenv-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-devel-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-doc-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-chrootenv-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-doc-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-libs-x86-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3:bind-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3:bind-chrootenv-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3:bind-doc-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3:bind-libs-x86-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP3:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP4:bind-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP4:bind-chrootenv-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP4:bind-doc-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP4:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP4:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP4:bind-libs-x86-9.9.6P1-0.12.1 SUSE Linux Enterprise Server 11 SP4:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:bind-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:bind-chrootenv-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:bind-doc-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:bind-libs-x86-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-chrootenv-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-doc-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-libs-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-libs-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-libs-x86-9.9.6P1-0.12.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-utils-9.9.6P1-0.12.1 SUSE Linux Enterprise Software Development Kit 11 SP3:bind-devel-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Software Development Kit 11 SP3:bind-devel-9.9.6P1-0.12.1 SUSE Linux Enterprise Software Development Kit 11 SP4:bind-devel-32bit-9.9.6P1-0.12.1 SUSE Linux Enterprise Software Development Kit 11 SP4:bind-devel-9.9.6P1-0.12.1 important 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2015/suse-su-20151304-1/ https://www.suse.com/security/cve/CVE-2015-5477.html CVE-2015-5477 https://bugzilla.suse.com/1000362 SUSE Bug 1000362 https://bugzilla.suse.com/939567 SUSE Bug 939567 https://bugzilla.suse.com/980168 SUSE Bug 980168