Bug 17541

Summary: bind new security issues CVE-2015-8704 and CVE-2015-8705
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: davidwhodgins, sysadmin-bugs
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://lwn.net/Vulnerabilities/672559/
Whiteboard: has_procedure advisory MGA5-64-OK
Source RPM: bind-9.10.3.P2-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2016-01-20 01:55:23 CET 
Upstream has issued advisories today (January 19):
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01336

These are remotely exploitable denial of service vulnerabilities.  The first is high severity.

Updated packages uploaded for Mageia 5 and Cauldron.

Advisory:
========================

Updated bind packages fix security vulnerabilities:

In ISC BIND before 9.10.3-P3, a buffer size check used to guard against
overflow could cause named to exit with an INSIST failure In apl_42.c
(CVE-2015-8704).

In ISC BIND before 9.10.3-P3, errors can occur when OPT pseudo-RR data or ECS
options are formatted to text.  In 9.10.3 through 9.10.3-P2, the issue may
result in a REQUIRE assertion failure in buffer.c, causing a crash.  This can
be avoided in named by disabling debug logging (CVE-2015-8705).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8705
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01336
https://kb.isc.org/article/AA-01346
========================

Updated packages in core/updates_testing:
========================
bind-9.10.3.P3-1.mga5
bind-sdb-9.10.3.P3-1.mga5
bind-utils-9.10.3.P3-1.mga5
bind-devel-9.10.3.P3-1.mga5
bind-doc-9.10.3.P3-1.mga5

from bind-9.10.3.P3-1.mga5.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2016-01-20 01:55:33 CET 
Testing procedure: similar to
https://bugs.mageia.org/show_bug.cgi?id=9163#c8

Whiteboard: (none) => has_procedure

Dave Hodgins 2016-01-20 02:29:30 CET

CC: (none) => davidwhodgins
Whiteboard: has_procedure => has_procedure advisory

Dave Hodgins 2016-01-20 02:34:57 CET

Keywords: (none) => validated_update
Whiteboard: has_procedure advisory => has_procedure advisory MGA5-64-OK
CC: (none) => sysadmin-bugs

Comment 2 Dave Hodgins 2016-01-20 02:36:38 CET 
Testing complete on x86_64. Advisory added to svn. Validating the update.
Comment 3 Mageia Robot 2016-01-20 18:54:33 CET 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0030.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

David Walser 2016-01-20 18:55:41 CET

URL: (none) => http://lwn.net/Vulnerabilities/672559/

Comment 4 David Walser 2016-01-21 20:24:58 CET 
LWN reference for CVE-2015-8705:
http://lwn.net/Vulnerabilities/672817/