BIND: Denial of service — GLSA 201401-34

Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service.

Affected packages

Background

BIND is the Berkeley Internet Name Domain Server.

Description

Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker may be able to cause a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-dns/bind-9.9.4_p2"
 

References

• CVE-2012-5166
• CVE-2012-5688
• CVE-2012-5689
• CVE-2013-2266
• CVE-2013-3919
• CVE-2013-4854
• CVE-2014-0591

Release date
January 29, 2014

Latest revision
January 29, 2014: 1

Severity
normal

Exploitable
remote

Bugzilla entries

• 437828
• 446094
• 453974
• 463497
• 478316
• 483208
• 498016