Security update for bind

SUSE Security Update: Security update for bind

Announcement ID:	SUSE-SU-2012:0741-3
Rating:	important
References:	#765315
Affected Products:	SUSE Linux Enterprise Server 10 SP4 SUSE Linux Enterprise Desktop 10 SP4 SLE SDK 10 SP4

An update that fixes one vulnerability is now available. It includes one version update.

Description:

The following issue has been fixed:

* Records with zero length rdata field could have
crashed named or disclosed portions of memory to clients
(CVE-2012-1667).

Security Issue references:

* CVE-2012-1667
>

Package List:

SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P1]:

bind-9.6ESVR7P1-0.10.1

bind-chrootenv-9.6ESVR7P1-0.10.1

bind-devel-9.6ESVR7P1-0.10.1

bind-doc-9.6ESVR7P1-0.10.1

bind-libs-9.6ESVR7P1-0.10.1

bind-utils-9.6ESVR7P1-0.10.1
SUSE Linux Enterprise Server 10 SP4 (s390x x86_64) [New Version: 9.6ESVR7P1]:

bind-libs-32bit-9.6ESVR7P1-0.10.1
SUSE Linux Enterprise Server 10 SP4 (ia64) [New Version: 9.6ESVR7P1]:

bind-libs-x86-9.6ESVR7P1-0.10.1
SUSE Linux Enterprise Server 10 SP4 (ppc) [New Version: 9.6ESVR7P1]:

bind-devel-64bit-9.6ESVR7P1-0.10.1

bind-libs-64bit-9.6ESVR7P1-0.10.1
SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64) [New Version: 9.6ESVR7P1]:

bind-libs-9.6ESVR7P1-0.10.1

bind-utils-9.6ESVR7P1-0.10.1
SUSE Linux Enterprise Desktop 10 SP4 (x86_64) [New Version: 9.6ESVR7P1]:

bind-libs-32bit-9.6ESVR7P1-0.10.1
SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64) [New Version: 9.6ESVR7P1]:

bind-9.6ESVR7P1-0.10.1

bind-chrootenv-9.6ESVR7P1-0.10.1

bind-devel-9.6ESVR7P1-0.10.1

bind-doc-9.6ESVR7P1-0.10.1
SLE SDK 10 SP4 (ppc) [New Version: 9.6ESVR7P1]:

bind-devel-64bit-9.6ESVR7P1-0.10.1

References:

http://support.novell.com/security/cve/CVE-2012-1667.html

https://bugzilla.novell.com/765315

http://download.suse.com/patch/finder/?keywords=4328ed71a96bc49951a61a9a05eab4f0