Project

General

Profile

Bug #9358

Bug #9357: bind: A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named (CVE-2018-5740)

[3.8] bind: A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named (CVE-2018-5740)

Added by Alicha CH 5 months ago. Updated 5 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
08/29/2018
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing
the security model used by client browsers.  However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. 

Fixed In Version:

bind 9.9.13-P1, bind 9.10.8-P1, bind 9.11.4-P1, bind 9.12.2-P1, bind 9.11.3-S3

Reference:

https://kb.isc.org/article/AA-01639/74/CVE-2018-5740

Associated revisions

Revision 4ec71c5a (diff)
Added by Natanael Copa 5 months ago

main/bind: security upgrade to 9.12.2_p1 (CVE-2018-5740)

fixes #9358

History

#1 Updated by Natanael Copa 5 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH 5 months ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from Resolved to Closed
  • Security IDs deleted (CVE-2018-5740)

Also available in: Atom PDF