From 76092c95e55cc48ed16ec8726811cdd87b717ea6 Mon Sep 17 00:00:00 2001 From: Tinderbox User Date: Mon, 22 Feb 2016 21:14:13 +0000 Subject: [PATCH] regen v9_9_8_patch --- doc/arm/Bv9ARM.ch09.html | 25 +++++++++++++------------ doc/arm/notes.html | 25 +++++++++++++------------ 2 files changed, 26 insertions(+), 24 deletions(-) diff --git a/doc/arm/Bv9ARM.ch09.html b/doc/arm/Bv9ARM.ch09.html index a1060be25f..9951f3ce19 100644 --- a/doc/arm/Bv9ARM.ch09.html +++ b/doc/arm/Bv9ARM.ch09.html @@ -68,7 +68,8 @@ This document summarizes changes since BIND 9.9.8:

- BIND 9.9.8-P4 addresses the security issue described in CVE-2016-1285. + BIND 9.9.8-P4 addresses the security issues described in + CVE-2016-1285 and CVE-2016-1286.

BIND 9.9.8-P3 addresses the security issue described in CVE-2015-8704. @@ -98,12 +99,22 @@

Security Fixes

diff --git a/doc/arm/notes.html b/doc/arm/notes.html index 7bef168ac0..294bc406fb 100644 --- a/doc/arm/notes.html +++ b/doc/arm/notes.html @@ -29,7 +29,8 @@ This document summarizes changes since BIND 9.9.8:

- BIND 9.9.8-P4 addresses the security issue described in CVE-2016-1285. + BIND 9.9.8-P4 addresses the security issues described in + CVE-2016-1285 and CVE-2016-1286.

BIND 9.9.8-P3 addresses the security issue described in CVE-2015-8704. @@ -59,12 +60,22 @@

Security Fixes

    +
  • + The resolver could abort with an assertion failure due to + improper DNAME handling when parsing fetch reply + messages. This flaw is disclosed in CVE-2016-1286. [RT #41753] +

  • +
  • + Malformed control messages can trigger assertions in named + and rndc. This flaw is disclosed in CVE-2016-1285. [RT + #41666] +

  • Specific APL data could trigger an INSIST. This flaw is disclosed in CVE-2015-8704. [RT #41396]

  • - Named is potentially vulnerable to the OpenSSL vulnerabilty + Named is potentially vulnerable to the OpenSSL vulnerability described in CVE-2015-3193.

  • @@ -79,16 +90,6 @@ failure if a socket error occurred while performing a lookup. This flaw is disclosed in CVE-2015-8461. [RT#40945]

  • -
  • - Malformed control messages can trigger assertions in named - and rndc. This flaw is disclosed in CVE-2016-1285. [RT - #41666] -

  • -
  • - The resolver could abort with an assertion failure due to - improper DNAME handling when parsing fetch reply - messages. This flaw is disclosed in CVE-2016-1286. [RT #41753] -