[3.1] bind: Assertion Failure in buffer.c While Building Responses to a Specifically Constructed Request (CVE-2016-2776)
A defect in the rendering of messages into packets can cause named to
exit with an assertion
failure in buffer.c while constructing a response to a query that meets certain criteria.
This assertion can be triggered even if the apparent source address isn’t allowed to make queries (i.e. doesn’t match ‘allow-query’).
9.0.x ->9.8.x, 9.9.0
9.9.3-S1>9.9.9-S3, 9.10.0 9.10.4-P2, 9.11.0a1>9.11.0rc1
Fixed In Version:
bind 9.9.9-P3, bind 9.10.4-P3
(from redmine: issue id 6227, created on 2016-09-28, closed on 2016-10-25)
- parent #6222 (closed)
- Revision ed53a1ae on 2016-10-19T08:24:49Z:
main/bind: security upgrade to 9.10.4_p3 (CVE-2016-2776) Fixes #6227
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information