Oval Definition:oval:org.mitre.oval:def:28588
Revision Date:2015-03-16Version:11
Title:RHSA-2014:1984 -- bind security update (Important)
Description:The Berkeley Internet Name Domain (BIND) is an implementation of the DomainName System (DNS) protocols. BIND includes a DNS server (named); a resolverlibrary (routines for applications to use when interfacing with DNS); andtools for verifying that the DNS server is operating correctly.A denial of service flaw was found in the way BIND followed DNSdelegations. A remote attacker could use a specially crafted zonecontaining a large number of referrals which, when looked up and processed,would cause named to use excessive amounts of memory or crash.(CVE-2014-8500)All bind users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. After installing theupdate, the BIND daemon (named) will be restarted automatically.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2014:1984-CentOS 5
CESA-2014:1984-CentOS 6
CESA-2014:1984-CentOS 7
CVE-2014-8500
RHSA-2014:1984
Platform(s):CentOS Linux 5
CentOS Linux 6
CentOS Linux 7
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Product(s):bind
Definition Synopsis
  • Red Hat Enterprise Linux 5 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • AND Packages match section
  • bind-chroot is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR bind-debuginfo is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR bind-devel is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR bind-libbind-devel is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR caching-nameserver is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR bind is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR bind-libs is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR bind-sdb is earlier than 30:9.3.6-25.P1.el5_11.2
  • OR bind-utils is earlier than 30:9.3.6-25.P1.el5_11.2
  • Red Hat Enterprise Linux 6 and CentOS Linux 6 release section
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages match section
  • bind is earlier than 32:9.8.2-0.30.rc1.el6_6.1
  • OR bind-chroot is earlier than 32:9.8.2-0.30.rc1.el6_6.1
  • OR bind-devel is earlier than 32:9.8.2-0.30.rc1.el6_6.1
  • OR bind-libs is earlier than 32:9.8.2-0.30.rc1.el6_6.1
  • OR bind-sdb is earlier than 32:9.8.2-0.30.rc1.el6_6.1
  • OR bind-utils is earlier than 32:9.8.2-0.30.rc1.el6_6.1
  • Red Hat Enterprise Linux 6 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND bind-debuginfo is earlier than 32:9.8.2-0.30.rc1.el6_6.1
  • Red Hat Enterprise Linux 7 and CentOS Linux 7 release section
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 7
  • OR The operating system installed on the system is CentOS Linux 7.x
  • AND Packages match section
  • bind is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-chroot is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-devel is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-libs is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-libs-lite is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-license is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-lite-devel is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-sdb is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-sdb-chroot is earlier than 32:9.9.4-14.el7_0.1
  • OR bind-utils is earlier than 32:9.9.4-14.el7_0.1
  • Red Hat Enterprise Linux 7 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 7
  • AND bind-debuginfo is earlier than 32:9.9.4-14.el7_0.1
    • BACK