FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bind -- multiple vulnerabilities

Affected packages
bind99 < 9.9.8P2
bind910 < 9.10.3P2
bind9-devel < 9.11.0.a20151215
9.3 <= FreeBSD < 9.3_32


VuXML ID a8ec4db7-a398-11e5-85e9-14dae9d210b8
Discovery 2015-11-24
Entry 2015-12-16
Modified 2016-08-09

ISC reports:

Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.

Incorrect reference counting could result in an INSIST failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945]

Insufficient testing when parsing a message allowed records with an incorrect class to be be accepted, triggering a REQUIRE failure when those records were subsequently cached. This flaw is disclosed in CVE-2015-8000. [RT #40987]


CVE Name CVE-2015-3193
CVE Name CVE-2015-8000
CVE Name CVE-2015-8461
FreeBSD Advisory SA-15:27.bind