FEDORA-2017-44e494db1e

security update in Fedora 25 for bind99

Status: stable a year ago

Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138

Comments 7

This update has been submitted for testing by pemensik.

This update has been pushed to testing.

works for me

karma: +1

works for me

karma: +1

No regressions noticed on x86_64.

karma: +1 critpath: +1

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines
#1441125 CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;"
#1441917 CVE-2017-3136 bind99: bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;" [fedora-all]
#1441133 CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver
#1441913 CVE-2017-3137 bind99: bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver [fedora-all]
#1441137 CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received
#1441926 CVE-2017-3138 bind99: bind: REQUIRE assertion failure when null command string on control channel is received [fedora-all]
Does the system's basic functionality continue to work after this update?
Is the update generally functional?
Content Type
RPM
Status
stable
Test Gating Status
Tests not running
Submitted by
Update Type
security
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted a year ago
in testing a year ago
in stable a year ago

Related Bugs 6

00 #1441125 CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;"
00 #1441917 CVE-2017-3136 bind99: bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;" [fedora-all]
00 #1441133 CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver
00 #1441913 CVE-2017-3137 bind99: bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver [fedora-all]
00 #1441137 CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received
00 #1441926 CVE-2017-3138 bind99: bind: REQUIRE assertion failure when null command string on control channel is received [fedora-all]

Automated Test Results

Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.