This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
<glsaid="201701-26">
<title>BIND: Denial of Service</title>
<synopsis>A vulnerability in BIND might allow remote attackers to cause a
Denial of Service condition.
</synopsis>
<producttype="ebuild">bind</product>
<announced>January 11, 2017</announced>
<revised>January 11, 2017: 1</revised>
<bug>598750</bug>
<access>remote</access>
<affected>
<packagename="net-dns/bind"auto="yes"arch="*">
<unaffectedrange="ge">9.10.4_p4</unaffected>
<vulnerablerange="lt">9.10.4_p4</vulnerable>
</package>
</affected>
<background>
<p>BIND (Berkeley Internet Name Domain) is a Name Server.</p>
</background>
<description>
<p>A defect in BIND’s handling of responses containing a DNAME answer can
cause a resolver to exit after encountering an assertion failure in db.c
or resolver.c.
</p>
</description>
<impacttype="normal">
<p>A remote attacker could send a specially crafted DNS request to the BIND
resolver possibly resulting in a Denial of Service condition.
</p>
</impact>
<workaround>
<p>There is no known workaround at this time.</p>
</workaround>
<resolution>
<p>All BIND users should upgrade to the latest version:</p>