Upstream has issued advisories on September 2: https://kb.isc.org/article/AA-01287 https://kb.isc.org/article/AA-01291 These are critical, remotely exploitable denial of service vulnerabilities. Advisory: ======================== Updated bind packages fix security vulnerability: Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a deliberately malformed key (CVE-2015-5722). An incorrect boundary check in openpgpkey_61.c can cause named to terminate due to a REQUIRE assertion failure. This defect can be deliberately exploited by an attacker who can provide a maliciously constructed response in answer to a query (CVE-2015-5986). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986 https://kb.isc.org/article/AA-01287 https://kb.isc.org/article/AA-01291 https://kb.isc.org/article/AA-01300 https://kb.isc.org/article/AA-01301 ======================== Updated packages in core/updates_testing: ======================== bind-9.9.7.P3-1.mga4 bind-sdb-9.9.7.P3-1.mga4 bind-utils-9.9.7.P3-1.mga4 bind-devel-9.9.7.P3-1.mga4 bind-doc-9.9.7.P3-1.mga4 bind-9.10.2.P4-1.mga5 bind-sdb-9.10.2.P4-1.mga5 bind-utils-9.10.2.P4-1.mga5 bind-devel-9.10.2.P4-1.mga5 bind-doc-9.10.2.P4-1.mga5 from SRPMS: bind-9.9.7.P3-1.mga4.src.rpm bind-9.10.2.P4-1.mga5.src.rpm Reproducible: Steps to Reproduce:
Testing procedure: similar to https://bugs.mageia.org/show_bug.cgi?id=9163#c8
Whiteboard: (none) => MGA4TOO has_procedure
CVE-2015-5722: http://lwn.net/Vulnerabilities/656533/ CVE-2015-5986: http://lwn.net/Vulnerabilities/656535/
URL: (none) => http://lwn.net/Vulnerabilities/656533/
Looking at this for mga5 x86_64. Installed bind-9.10.2.P3-1.mga5.x86_64 Ran the test described in the link from comment 1 and generated similar result. Installed bind-9.10.2.P4-1.mga5.x86_64 which brought in bind-utils-9.10.2.P4-1.mga5.x86_64 Installed: bind-sdb-9.10.2.P4-1.mga5 bind-devel-9.10.2.P4-1.mga5 As root: service named restart [lcl@vega ~/test]$ dig @localhost mageia.org ; <<>> DiG 9.10.2-P4 <<>> @localhost mageia.org ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22353 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mageia.org. IN A ;; ANSWER SECTION: mageia.org. 1800 IN A 217.70.188.116 ;; AUTHORITY SECTION: mageia.org. 86400 IN NS ns1.mageia.org. mageia.org. 86400 IN NS ns0.mageia.org. ;; ADDITIONAL SECTION: ns0.mageia.org. 86400 IN A 212.85.158.146 ns1.mageia.org. 86400 IN A 95.142.164.207 ;; Query time: 140 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sat Sep 05 19:16:26 BST 2015 ;; MSG SIZE rcvd: 123 Virtually the same output as before.
CC: (none) => tarazed25
Whiteboard: MGA4TOO has_procedure => MGA4TOO has_procedure MGA5-64-OK
Testing MGA4 x64 BEFORE: Installed: bind-sdb-9.9.7.P2-1.mga4 bind-doc-9.9.7.P2-1.mga4 bind-utils-9.9.7.P2-1.mga4 bind-9.9.7.P2-1.mga4 Ran the test as per the link in Comment 1: # systemctl start named.service # dig @localhost mageia.org ; <<>> DiG 9.9.7-P2 <<>> @localhost mageia.org ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 63420 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 2800 ;; QUESTION SECTION: ;mageia.org. IN A ;; Query time: 0 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Llu Med 07 09:08:09 CEST 2015 ;; MSG SIZE rcvd: 39 AFTER: updated to: bind-sdb-9.9.7.P3-1.mga4 bind-utils-9.9.7.P3-1.mga4 bind-doc-9.9.7.P3-1.mga4 bind-9.9.7.P3-1.mga4 # systemctl restart named.service # dig @localhost mageia.org Output identical to previously (ecept id and WHEN). Update deemed OK.
CC: (none) => lewyssmithWhiteboard: MGA4TOO has_procedure MGA5-64-OK => MGA4TOO has_procedure MGA5-64-OK MGA4-64-OK
Validating. Advisory uploaded. Please push to 4 & 5 updates Thanks
Keywords: (none) => validated_updateWhiteboard: MGA4TOO has_procedure MGA5-64-OK MGA4-64-OK => MGA4TOO has_procedure advisory MGA5-64-OK MGA4-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0341.html
Status: NEW => RESOLVEDResolution: (none) => FIXED