Security update for bind SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:1335-1 Final 1 1 2015-07-29T14:37:38Z current 2015-07-29T14:37:38Z 2015-07-29T14:37:38Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for bind bind was updated to fix one security issue. This security issue was fixed: - CVE-2015-5477: Remote DoS via TKEY queries (boo#939567) Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.html E-Mail link for openSUSE-SU-2015:1335-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings bind-9.9.4P2-2.14.1 bind-chrootenv-9.9.4P2-2.14.1 bind-devel-9.9.4P2-2.14.1 bind-doc-9.9.4P2-2.14.1 bind-libs-9.9.4P2-2.14.1 bind-libs-32bit-9.9.4P2-2.14.1 bind-lwresd-9.9.4P2-2.14.1 bind-utils-9.9.4P2-2.14.1 named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries. CVE-2015-5477 moderate 6.8 AV:N/AC:L/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2015-08/msg00001.html https://www.suse.com/security/cve/CVE-2015-5477.html CVE-2015-5477 https://bugzilla.suse.com/1000362 SUSE Bug 1000362 https://bugzilla.suse.com/939567 SUSE Bug 939567 https://bugzilla.suse.com/980168 SUSE Bug 980168