Subject: [ASA-201702-8] bind: denial of service

Arch Linux Security Advisory ASA-201702-8
=========================================

Severity: High
Date    : 2017-02-09
CVE-ID  : CVE-2017-3135
Package : bind
Type    : denial of service
Remote  : Yes
Link    : https://security.archlinux.org/AVG-169

Summary
=======

The package bind before version 9.11.0.P3-1 is vulnerable to denial of
service.

Resolution
==========

Upgrade to 9.11.0.P3-1.

# pacman -Syu "bind>=9.11.0.P3-1"

The problem has been fixed upstream in version 9.11.0.P3.

Workaround
==========

None.

Description
===========

A vulnerability has been found in bind < 9.11.0-P3, allowing a remote
attacker to trigger an INSIST assertion failure or a NULL pointer read
in configurations using both DNS64 and RPZ.

Impact
======

A remote unauthenticated attacker can crash a vulnerable server,
resulting in denial of service.

References
==========

https://kb.isc.org/article/AA-01453
https://security.archlinux.org/CVE-2017-3135
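
Exposure check (an added example, not part of the Arch advisory or of BIND): the script below reports a host as exposed only when the installed bind package is older than the fixed version and the configuration contains both a `dns64` and a `response-policy` statement. The function names, the sample configuration and the zone name `rpz.example` are constructed for illustration.

```shell
#!/bin/sh
# Added example: exposure check for CVE-2017-3135 on Arch Linux.
FIXED_VERSION="9.11.0.P3-1"   # first fixed package version, from the advisory

# Succeeds (exit 0) if the installed bind package is older than the fix.
# Relies on `pacman -Q` and `vercmp`, both shipped with pacman.
bind_is_unpatched() {
    installed=$(pacman -Q bind 2>/dev/null | awk '{print $2}')
    [ -n "$installed" ] || return 1          # bind is not installed
    [ "$(vercmp "$installed" "$FIXED_VERSION")" -lt 0 ]
}

# Reads named.conf text on stdin; succeeds if both a dns64 statement and a
# response-policy statement appear outside '#' and '//' comments.
# Block comments and include files are not handled here, and the match is
# file-wide rather than per view, so it can over-report but not under-report
# for a single comment-free file.
uses_dns64_and_rpz() {
    awk '
        { sub(/(#|\/\/).*/, "") }                       # drop line comments
        /(^|[ \t{;])dns64[ \t]/            { dns64 = 1 } # not dns64-server etc.
        /(^|[ \t{;])response-policy[ \t{]/ { rpz = 1 }
        END { exit !(dns64 && rpz) }
    '
}

# Constructed sample configuration (not taken from a real server).
sample_conf() {
    cat <<'EOF'
options {
    directory "/var/named";
    dns64 64:ff9b::/96 { clients { any; }; };
    response-policy { zone "rpz.example"; };   // constructed zone name
};
EOF
}

# Usage: ./check.sh /etc/named.conf
if [ $# -gt 0 ]; then
    if bind_is_unpatched && uses_dns64_and_rpz < "$1"; then
        echo "EXPOSED: bind < $FIXED_VERSION with DNS64 and RPZ both configured"
    else
        echo "not exposed according to this check"
    fi
fi
```

For a configuration split across include files, pipe the output of `named-checkconf -p` into `uses_dns64_and_rpz` instead of the raw file, since that prints the parsed configuration in canonical form.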