Bug 557983 (CVE-2010-0382)
Summary: | CVE-2010-0382 bind: out-of-bailiwick data vulnerability due to regression while fixing CVE-2009-4022 | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | atkac, dwalsh, qe-baseos-daemons |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0382 | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-01-25 17:46:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 555119 | ||
Bug Blocks: |
Description
Vincent Danen
2010-01-22 23:15:17 UTC
I'm unsure whether this got fixed along with CVE-2010-0290 (bug #557121) because that bug is also due to a regression of CVE-2009-4022. The upstream advisory states: 2828. [security] Cached CNAME or DNAME RR could be returned to clients without DNSSEC validation. [RT #20737] 2831. [security] Do not attempt to validate or cache out-of-bailiwick data returned with a secure answer; it must be re-fetched from its original source and validated in that context. (Regression bug introduced by fix for RT #20438) [RT #20819] So it's listing it as two separate issues (2828 would correspond with CVE-2010-0290) which is probably why MITRE assigned two CVEs. What is unclear is whether or not the fix we used for CVE-2010-0290 also corrects this issue. This issue is fixed together with CVE-2010-0290 (bug #557121). Updated packages are already released (for RHEL5). Thanks for that confirmation Adam. This issue is then resolved via RHSA-2010:0062: https://rhn.redhat.com/errata/RHSA-2010-0062.html |