add CVE-2015-5477

2025-08-30 22:15:20 +00:00 · 2015-07-15 07:51:06 +10:00
parent 13c55f6a60
commit c5eb9add52
2 changed files with 20 additions and 10 deletions
--- a/4
+++ b/4
@@ -103,8 +103,8 @@ BIND 9.11.0
 	  to be added.  This can be disabled with "check-names no".

 	This release addresses the security flaws described in
-	CVE-2014-3214, CVE-2014-3859, CVE-2014-8500, CVE-2014-8680 and
-	CVE-2015-1349.
+	CVE-2014-3214, CVE-2014-3859, CVE-2014-8500, CVE-2014-8680,
+	CVE-2015-1349 and CVE-2015-5477.

 BIND 9.10.0

--- a/doc/arm/notes.xml
+++ b/doc/arm/notes.xml
@@ -38,16 +38,26 @@
  <sect2 id="relnotes_security">
    <title>Security Fixes</title>
    <itemizedlist>
+      <listitem>
+	<para>
+	  A specially crafted query could trigger an assertion failure
+	  in message.c.
+	</para>
+	<para>
+	  This flaw was discovered by Jonathan Foote, and is disclosed
+	  in CVE-2015-5477. [RT #39795]
+	</para>
+      </listitem>
      <listitem>
 	<para>
 	  On servers configured to perform DNSSEC validation, an
 	  assertion failure could be triggered on answers from
 	  a specially configured server.
 	</para>
-        <para>
+	<para>
 	  This flaw was discovered by Breno Silveira Soares, and is
 	  disclosed in CVE-2015-4620. [RT #39795]
-        </para>
+	</para>
      </listitem> 
      <listitem>
 	<para>
@@ -122,7 +132,7 @@
 	  vehicle for such an attack.
 	</para>
 	<itemizedlist>
-          <listitem>
+	  <listitem>
 	    <para>
 	      <option>fetches-per-server</option> limits the number of
 	      simultaneous queries that can be sent to any single
@@ -133,7 +143,7 @@
 	      <option>fetch-quota-params</option> option.
 	    </para>
 	  </listitem>
-          <listitem>
+	  <listitem>
 	    <para>
 	      <option>fetches-per-zone</option> limits the number of
 	      simultaneous queries that can be sent for names within a
@@ -160,7 +170,7 @@
 		  >http://localhost:8888/xml/v3/traffic</ulink>
 	  or
 	  <ulink url="http://localhost:8888/json/v1/traffic"
-	          >http://localhost:8888/json/v1/traffic</ulink>.
+		  >http://localhost:8888/json/v1/traffic</ulink>.
 	</para>
      </listitem>
      <listitem>
@@ -665,10 +675,10 @@
 	</para>
      </listitem>
      <listitem>
-        <para>
+	<para>
 	  Built-in "empty" zones did not correctly inherit the
 	  "allow-transfer" ACL from the options or view. [RT #38310]
-        </para>
+	</para>
      </listitem>
      <listitem>
 	<para>
@@ -707,7 +717,7 @@
 	  Several bugs have been fixed in the RPZ implementation:
 	</para>
 	<itemizedlist>
-          <listitem>
+	  <listitem>
 	    <para>
 	      Policy zones that did not specifically require recursion
 	      could be treated as if they did; consequently, setting