The following flaw in BIND was reported by ISC: In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the issue may result in a REQUIRE assertion failure in buffer.c. In prior 9.10 versions, it may result in named crashing (such as with a segmentation fault) or other misbehavior due to a buffer overrun. This issue can affect both authoritative and recursive servers if they are performing debug logging. (It may also crash related tools which use the same code, such as dig or delv.) Mitigation: Disable debug logging in named.
Acknowledgements: Red Hat would like to thank ISC for reporting this issue.
Created attachment 1115783 [details] 9.10.3-rt41396-and-rt41397-CVE-2015-8704-and-CVE-2015-8705.diff
Public now via upstream advisory. External References: https://kb.isc.org/article/AA-01336
Created bind tracking bugs for this issue: Affects: fedora-all [bug 1300051]
Only BIND 9.10 was affected by this issue, therefore no Red Hat Enterprise Linux version was affected.
Upstream commit: https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=3e0c1603a835c678b07f1147909bf196988ee0d3