Back to bug 1389652
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Dhiru Kholia | 2016-10-28 06:12:18 UTC | CC | security-response-team | |
| Dhiru Kholia | 2016-10-28 06:12:35 UTC | Blocks | 1389641 | |
| Dhiru Kholia | 2016-10-31 07:05:07 UTC | Whiteboard | impact=important,public=no,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=new,rhel-5/bind97=new,rhel-6/bind=new,rhel-7/bind=new,fedora-all/bind=new,fedora-all/bind99=new | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=new,rhel-5/bind97=new,rhel-6/bind=new,rhel-7/bind=new,fedora-all/bind=new,fedora-all/bind99=new |
| Dhiru Kholia | 2016-10-31 09:00:36 UTC | Summary | EMBARGOED CVE-2016-8864 bind: remote denial-of-service attack | EMBARGOED CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer |
| Dhiru Kholia | 2016-10-31 09:07:38 UTC | Whiteboard | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=new,rhel-5/bind97=new,rhel-6/bind=new,rhel-7/bind=new,fedora-all/bind=new,fedora-all/bind99=new | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=affected,rhel-5/bind97=affected,rhel-6/bind=affected,rhel-7/bind=affected,fedora-all/bind=new,fedora-all/bind99=new |
| Dhiru Kholia | 2016-10-31 09:12:11 UTC | Depends On | 1390127 | |
| Dhiru Kholia | 2016-10-31 09:12:19 UTC | Depends On | 1390128 | |
| Dhiru Kholia | 2016-10-31 09:12:31 UTC | Depends On | 1390129 | |
| Dhiru Kholia | 2016-10-31 09:13:19 UTC | Depends On | 1390130 | |
| Dhiru Kholia | 2016-10-31 09:13:29 UTC | Depends On | 1390131 | |
| Dhiru Kholia | 2016-10-31 10:38:45 UTC | Doc Text | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS query. | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Dhiru Kholia | 2016-10-31 11:03:29 UTC | Depends On | 1390159 | |
| Dhiru Kholia | 2016-11-02 04:47:58 UTC | Summary | EMBARGOED CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer | CVE-2016-8864 bind: assertion failure while handling responses containing a DNAME answer |
| Dhiru Kholia | 2016-11-02 04:48:01 UTC | Group | security, qe_staff | |
| Luke Bratch | 2016-11-02 12:06:44 UTC | CC | luke | |
| Dhiru Kholia | 2016-11-02 13:34:48 UTC | Doc Text | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS query. | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. |
| Robert Scheck | 2016-11-02 21:08:28 UTC | CC | redhat-bugzilla | |
| Dhiru Kholia | 2016-11-03 03:56:28 UTC | Whiteboard | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=affected,rhel-5/bind97=affected,rhel-6/bind=affected,rhel-7/bind=affected,fedora-all/bind=new,fedora-all/bind99=new | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=affected,rhel-5/bind97=affected,rhel-6/bind=affected,rhel-7/bind=affected,fedora-all/bind=affected,fedora-all/bind99=affected |
| Dhiru Kholia | 2016-11-03 03:57:36 UTC | Depends On | 1391319 | |
| Dhiru Kholia | 2016-11-03 03:58:08 UTC | Depends On | 1391320 | |
| Slawomir Czarko | 2016-11-03 11:02:23 UTC | CC | slawomir | |
| Christian Horn | 2016-11-24 05:58:43 UTC | CC | chorn | |
| Dhiru Kholia | 2016-11-24 09:36:07 UTC | Whiteboard | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=affected,rhel-5/bind97=affected,rhel-6/bind=affected,rhel-7/bind=affected,fedora-all/bind=affected,fedora-all/bind99=affected | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=affected,rhel-5/bind97=affected,rhel-6/bind=affected,rhel-6.2.z/bind=affected,rhel-6.4.z/bind=affected,rhel-6.5.z/bind=affected,rhel-6.6.z/bind=affected,rhel-6.7.z/bind=affected,rhel-7/bind=affected,fedora-all/bind=affected,fedora-all/bind99=affected |
| Dhiru Kholia | 2016-11-24 09:48:40 UTC | Depends On | 1398197 | |
| Dhiru Kholia | 2016-11-24 09:48:45 UTC | Depends On | 1398199 | |
| Dhiru Kholia | 2016-11-24 09:48:51 UTC | Depends On | 1398200 | |
| Dhiru Kholia | 2016-11-24 09:48:56 UTC | Depends On | 1398201 | |
| Dhiru Kholia | 2016-11-24 09:49:03 UTC | Depends On | 1398202 | |
| Tomas Hoger | 2016-12-06 11:25:12 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-12-06 06:25:12 UTC | |||
| Dhiru Kholia | 2017-05-31 09:39:30 UTC | Depends On | 1457186 | |
| Petr Sklenar | 2017-06-27 08:18:28 UTC | QA Contact | psklenar | |
| Summer Long | 2017-06-28 04:59:08 UTC | CC | slong | |
| Doc Text | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make the named server exit unexpectedly with an assertion failure using a specially crafted DNS response. | ||
| Summer Long | 2017-06-28 05:14:27 UTC | Doc Text | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make the named server exit unexpectedly with an assertion failure using a specially crafted DNS response. | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make the named daemon exit unexpectedly with an assertion failure using a specially crafted DNS response. |
| Tomas Hoger | 2017-06-28 07:10:57 UTC | Doc Text | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make the named daemon exit unexpectedly with an assertion failure using a specially crafted DNS response. | A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. |
| Product Security DevOps Team | 2019-09-29 13:59:56 UTC | Whiteboard | impact=important,public=20161101,reported=20161027,source=upstream,cvss2=5.0/AV:N/AC:L/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-4/bind=wontfix,rhel-5/bind=affected,rhel-5/bind97=affected,rhel-6/bind=affected,rhel-6.2.z/bind=affected,rhel-6.4.z/bind=affected,rhel-6.5.z/bind=affected,rhel-6.6.z/bind=affected,rhel-6.7.z/bind=affected,rhel-7/bind=affected,fedora-all/bind=affected,fedora-all/bind99=affected |
Back to bug 1389652