Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware64-13.0 ChangeLog (2015-09-02) ====== ====== Wed Sep 2 19:36:31 UTC 2015 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware64.13.0>patches/packages/bind-9.9.7_P3-x86_64-1_slack13.0.txz]] \\ This update fixes two denial-of-service vulnerabilities: \\ + CVE-2015-5722 is a denial-of-service vector which can be \\ exploited remotely against a BIND server that is performing \\ validation on DNSSEC-signed records. Validating recursive \\ resolvers are at the greatest risk from this defect, but it has not \\ been ruled out that it could be exploited against an \\ authoritative-only nameserver under limited conditions. Servers \\ that are not performing validation are not vulnerable. However, \\ ISC does not recommend disabling validation as a workaround to \\ this issue as it exposes the server to other types of attacks. \\ Upgrading to the patched versions is the recommended solution. \\ All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722. \\ + CVE-2015-5986 is a denial-of-service vector which can be used \\ against a BIND server that is performing recursion. Validation \\ is not required. Recursive resolvers are at the greatest risk \\ from this defect, but it has not been ruled out that it could \\ be exploited against an authoritative-only nameserver under \\ limited conditions. \\ Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to \\ CVE-2015-5986. \\ For more information, see: \\ https://kb.isc.org/article/AA-01287/0 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722 \\ https://kb.isc.org/article/AA-01291/0 \\ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986 \\ (* Security fix *) {{tag>slackware changelog slackware64-13.0 2015-09}} news/2015/09/02/slackware64-13.0-changelog.txt Last modified: 13 months agoby Giuseppe Di Terlizzi Log In