[ninux-dev] Fwd: [OpenWrt-Devel] [CC 15.05-rc3] bind: Security update (2 CVEs)
Nemesis
nemesis at ninux.org
Thu Sep 3 16:05:46 CEST 2015
-------- Forwarded Message --------
Subject: [OpenWrt-Devel] [CC 15.05-rc3] bind: Security update (2 CVEs)
Date: Thu, 3 Sep 2015 15:59:29 +0200
From: jow at openwrt.org
To: openwrt-security-announce at lists.openwrt.org,
openwrt-devel at lists.openwrt.org, openwrt-users at lists.openwrt.org
The bind package has been rebuilt and was uploaded to the Chaos Calmer
15.05 Release Candicate 3 repository due to multiple security issues.
VERSION
9.9.6-P1-2 => 9.9.7-P3-1
CHANGELOG
[Thu, 3 Sep 2015 14:03:41 +0200 ffda9cc]
Update to 9.9.7-P3 to fix CVE-2015-5722 and CVE-2015-5986
[Thu, 3 Sep 2015 14:03:31 +0200 4e3085c]
Update to version 9.9.7-p2
CHANGES
net/bind/Makefile | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
REFERENCES
* https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/
* https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/
* https://github.com/openwrt/packages/commit/4e3085cd058dc573988be8476751048bf203bce4
* https://github.com/openwrt/packages/commit/ffda9cc9c79ce55da93174025b31f057f7ccef64
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.ninux.org/pipermail/ninux-dev/attachments/20150903/a5fa1594/attachment-0001.html>
More information about the ninux-dev
mailing list