Synopsis:          Moderate: bind security update
Advisory ID:       SLSA-2017:0276-1
Issue Date:        2017-02-15
CVE Numbers:       CVE-2017-3135
--

Security Fix(es):

* A denial of service flaw was found in the way BIND handled query
responses when both DNS64 and RPZ were used. A remote attacker could use
this flaw to make named exit unexpectedly with an assertion failure or a
null pointer dereference via a specially crafted DNS response.
(CVE-2017-3135)
--

SL7
  x86_64
    bind-debuginfo-9.9.4-38.el7_3.2.i686.rpm
    bind-debuginfo-9.9.4-38.el7_3.2.x86_64.rpm
    bind-libs-9.9.4-38.el7_3.2.i686.rpm
    bind-libs-9.9.4-38.el7_3.2.x86_64.rpm
    bind-libs-lite-9.9.4-38.el7_3.2.i686.rpm
    bind-libs-lite-9.9.4-38.el7_3.2.x86_64.rpm
    bind-utils-9.9.4-38.el7_3.2.x86_64.rpm
    bind-9.9.4-38.el7_3.2.x86_64.rpm
    bind-chroot-9.9.4-38.el7_3.2.x86_64.rpm
    bind-devel-9.9.4-38.el7_3.2.i686.rpm
    bind-devel-9.9.4-38.el7_3.2.x86_64.rpm
    bind-lite-devel-9.9.4-38.el7_3.2.i686.rpm
    bind-lite-devel-9.9.4-38.el7_3.2.x86_64.rpm
    bind-pkcs11-9.9.4-38.el7_3.2.x86_64.rpm
    bind-pkcs11-devel-9.9.4-38.el7_3.2.i686.rpm
    bind-pkcs11-devel-9.9.4-38.el7_3.2.x86_64.rpm
    bind-pkcs11-libs-9.9.4-38.el7_3.2.i686.rpm
    bind-pkcs11-libs-9.9.4-38.el7_3.2.x86_64.rpm
    bind-pkcs11-utils-9.9.4-38.el7_3.2.x86_64.rpm
    bind-sdb-9.9.4-38.el7_3.2.x86_64.rpm
    bind-sdb-chroot-9.9.4-38.el7_3.2.x86_64.rpm
  noarch
    bind-license-9.9.4-38.el7_3.2.noarch.rpm

- Scientific Linux Development Team