[OpenWrt-Devel] [CC 15.05-rc3] bind: Security update (2 CVEs)

jow at openwrt.org jow at openwrt.org
Thu Sep 3 09:59:29 EDT 2015


The bind package has been rebuilt and was uploaded to the Chaos Calmer
15.05 Release Candicate 3 repository due to multiple security issues.


VERSION

9.9.6-P1-2 => 9.9.7-P3-1


CHANGELOG

[Thu, 3 Sep 2015 14:03:41 +0200 ffda9cc]

Update to 9.9.7-P3 to fix CVE-2015-5722 and CVE-2015-5986

[Thu, 3 Sep 2015 14:03:31 +0200 4e3085c]

Update to version 9.9.7-p2


CHANGES

 net/bind/Makefile |    6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)


REFERENCES

 * https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/
 * https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/
 * https://github.com/openwrt/packages/commit/4e3085cd058dc573988be8476751048bf203bce4
 * https://github.com/openwrt/packages/commit/ffda9cc9c79ce55da93174025b31f057f7ccef64
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list