Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2014:10100

Overview

Id SUSE-2014:10100
Name Novell SUSE 2014:10100 bind security update for SLE 11 SP3 x86_64
Vendor Name novell
Product None
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 17 Dec 2014 12:00:00

SUSE-2014:10100

Novell SUSE 2014:10100 bind security update for SLE 11 SP3 x86_64

Vendor Name

novell

Product

None

Released On

17 Dec 2014 12:00:00

Url

http://www.novell.com/support

Description

LSAC(v2)
bind has been updated to version 9.9.6P1, fixing the following security issue: * A flaw in delegation handling could be exploited to put named into an infinite loop. This has been addressed by placing limits on the number of levels of recursion named will allow (default 7), and the number of iterative queries that it will send (default 50) before terminating a recursive query (CVE-2014-8500, bnc#908994). * The recursion depth limit is configured via the "max-recursion-depth" option, and the query limit via the "max-recursion-queries" option. Additionally, two non-security issues have been fixed: * bnc#882511: Fix a multi-thread issue with IXFR. * bnc#743758: Fix handling of TXT records in ldapdump. Security Issues: * CVE-2014-8500

Related Resources

Related Vulnerabilities

None

Related Patches

Superseded Patches

None


Last Updated: 27 May 2016 11:20:28