ASA-201801-16 generated external raw

[ASA-201801-16] bind: denial of service
Arch Linux Security Advisory ASA-201801-16 ========================================== Severity: High Date : 2018-01-18 CVE-ID : CVE-2017-3145 Package : bind Type : denial of service Remote : Yes Link : Summary ======= The package bind before version 9.11.2.P1-1 is vulnerable to denial of service. Resolution ========== Upgrade to 9.11.2.P1-1. # pacman -Syu "bind>=9.11.2.P1-1" The problem has been fixed upstream in version 9.11.2.P1. Workaround ========== None. Description =========== A use-after-free flaw leading to denial of service was found in the way BIND before 9.11.2.P1, 9.10.6-P1 and 9.9.11-P1 internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. Impact ====== A remote attacker is able to crash named while acting as a DNSSEC validating resolver via a specially crafted DNS request. References ==========;a=commitdiff;h=053b51c4dbd28f6e4de71ce4268a6f606025d76d