Security update for bind SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:2405-1 Final 1 1 2016-09-27T16:19:20Z current 2016-09-27T16:19:20Z 2016-09-27T16:19:20Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for bind The nameserver bind was updated to fix a remote denial of service vulnerability, where a crafted packet could cause the nameserver to abort. (CVE-2016-2776, bsc#1000362) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp4-bind-12763,sleclo50sp3-bind-12763,sleman21-bind-12763,slemap21-bind-12763,sleposp3-bind-12763,slessp2-bind-12763,slessp3-bind-12763,slessp4-bind-12763 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20162405-1/ Link for SUSE-SU-2016:2405-1 https://lists.suse.com/pipermail/sle-security-updates/2016-September/002297.html E-Mail link for SUSE-SU-2016:2405-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1000362 SUSE Bug 1000362 https://www.suse.com/security/cve/CVE-2016-2776/ SUSE CVE CVE-2016-2776 page SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Manager 2.1 SUSE Manager Proxy 2.1 SUSE OpenStack Cloud 5 bind-devel-9.9.6P1-0.30.1 bind-devel-32bit-9.9.6P1-0.30.1 bind-9.9.6P1-0.30.1 bind-chrootenv-9.9.6P1-0.30.1 bind-doc-9.9.6P1-0.30.1 bind-libs-9.9.6P1-0.30.1 bind-libs-32bit-9.9.6P1-0.30.1 bind-utils-9.9.6P1-0.30.1 bind-libs-x86-9.9.6P1-0.30.1 bind-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 bind-doc-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 bind-libs-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 bind-utils-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 bind-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-devel-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-doc-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-libs-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-utils-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP2-LTSS bind-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS bind-doc-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS bind-libs-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS bind-utils-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-LTSS bind-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-doc-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-libs-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-utils-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA bind-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-doc-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-libs-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-libs-x86-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-utils-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server 11 SP4 bind-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-doc-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-libs-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-libs-x86-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-utils-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 bind-devel-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 bind-devel-32bit-9.9.6P1-0.30.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 bind-9.9.6P1-0.30.1 as a component of SUSE Manager 2.1 bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Manager 2.1 bind-doc-9.9.6P1-0.30.1 as a component of SUSE Manager 2.1 bind-libs-9.9.6P1-0.30.1 as a component of SUSE Manager 2.1 bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE Manager 2.1 bind-utils-9.9.6P1-0.30.1 as a component of SUSE Manager 2.1 bind-9.9.6P1-0.30.1 as a component of SUSE Manager Proxy 2.1 bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE Manager Proxy 2.1 bind-doc-9.9.6P1-0.30.1 as a component of SUSE Manager Proxy 2.1 bind-libs-9.9.6P1-0.30.1 as a component of SUSE Manager Proxy 2.1 bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE Manager Proxy 2.1 bind-utils-9.9.6P1-0.30.1 as a component of SUSE Manager Proxy 2.1 bind-9.9.6P1-0.30.1 as a component of SUSE OpenStack Cloud 5 bind-chrootenv-9.9.6P1-0.30.1 as a component of SUSE OpenStack Cloud 5 bind-doc-9.9.6P1-0.30.1 as a component of SUSE OpenStack Cloud 5 bind-libs-9.9.6P1-0.30.1 as a component of SUSE OpenStack Cloud 5 bind-libs-32bit-9.9.6P1-0.30.1 as a component of SUSE OpenStack Cloud 5 bind-utils-9.9.6P1-0.30.1 as a component of SUSE OpenStack Cloud 5 buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. CVE-2016-2776 SUSE Linux Enterprise Point of Sale 11 SP3:bind-9.9.6P1-0.30.1 SUSE Linux Enterprise Point of Sale 11 SP3:bind-chrootenv-9.9.6P1-0.30.1 SUSE Linux Enterprise Point of Sale 11 SP3:bind-doc-9.9.6P1-0.30.1 SUSE Linux Enterprise Point of Sale 11 SP3:bind-libs-9.9.6P1-0.30.1 SUSE Linux Enterprise Point of Sale 11 SP3:bind-utils-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-chrootenv-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-devel-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-doc-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-libs-32bit-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-libs-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP2-LTSS:bind-utils-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-LTSS:bind-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-LTSS:bind-chrootenv-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-LTSS:bind-doc-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-LTSS:bind-libs-32bit-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-LTSS:bind-libs-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-LTSS:bind-utils-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-chrootenv-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-doc-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-libs-32bit-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-libs-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:bind-utils-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP4:bind-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP4:bind-chrootenv-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP4:bind-doc-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP4:bind-libs-32bit-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP4:bind-libs-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP4:bind-libs-x86-9.9.6P1-0.30.1 SUSE Linux Enterprise Server 11 SP4:bind-utils-9.9.6P1-0.30.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-9.9.6P1-0.30.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-chrootenv-9.9.6P1-0.30.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-doc-9.9.6P1-0.30.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-libs-32bit-9.9.6P1-0.30.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-libs-9.9.6P1-0.30.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-libs-x86-9.9.6P1-0.30.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:bind-utils-9.9.6P1-0.30.1 SUSE Linux Enterprise Software Development Kit 11 SP4:bind-devel-32bit-9.9.6P1-0.30.1 SUSE Linux Enterprise Software Development Kit 11 SP4:bind-devel-9.9.6P1-0.30.1 SUSE Manager 2.1:bind-9.9.6P1-0.30.1 SUSE Manager 2.1:bind-chrootenv-9.9.6P1-0.30.1 SUSE Manager 2.1:bind-doc-9.9.6P1-0.30.1 SUSE Manager 2.1:bind-libs-32bit-9.9.6P1-0.30.1 SUSE Manager 2.1:bind-libs-9.9.6P1-0.30.1 SUSE Manager 2.1:bind-utils-9.9.6P1-0.30.1 SUSE Manager Proxy 2.1:bind-9.9.6P1-0.30.1 SUSE Manager Proxy 2.1:bind-chrootenv-9.9.6P1-0.30.1 SUSE Manager Proxy 2.1:bind-doc-9.9.6P1-0.30.1 SUSE Manager Proxy 2.1:bind-libs-32bit-9.9.6P1-0.30.1 SUSE Manager Proxy 2.1:bind-libs-9.9.6P1-0.30.1 SUSE Manager Proxy 2.1:bind-utils-9.9.6P1-0.30.1 SUSE OpenStack Cloud 5:bind-9.9.6P1-0.30.1 SUSE OpenStack Cloud 5:bind-chrootenv-9.9.6P1-0.30.1 SUSE OpenStack Cloud 5:bind-doc-9.9.6P1-0.30.1 SUSE OpenStack Cloud 5:bind-libs-32bit-9.9.6P1-0.30.1 SUSE OpenStack Cloud 5:bind-libs-9.9.6P1-0.30.1 SUSE OpenStack Cloud 5:bind-utils-9.9.6P1-0.30.1 important 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20162405-1/ https://www.suse.com/security/cve/CVE-2016-2776.html CVE-2016-2776 https://bugzilla.suse.com/1000362 SUSE Bug 1000362 https://bugzilla.suse.com/1001595 SUSE Bug 1001595 https://bugzilla.suse.com/1001597 SUSE Bug 1001597 https://bugzilla.suse.com/1007829 SUSE Bug 1007829