{"id":"MGASA-2016-0107","summary":"Updated bind packages fix security vulnerability","details":"In ISC BIND before 9.10.3-P4, an error parsing input received by the rndc\ncontrol channel can cause an assertion failure in sexpr.c or alist.c\n(CVE-2016-1285).\n\nIn ISC BIND before 9.10.3-P4, a problem parsing resource record signatures\nfor DNAME resource records can lead to an assertion failure in resolver.c\nor db.c (CVE-2016-1286).\n\nIn ISC BIND before 9.10.3-P4, A response containing multiple DNS cookies\ncauses servers with cookie support enabled to exit with an assertion\nfailure in resolver.c (CVE-2016-2088).\n","modified":"2026-02-04T02:48:59.157755Z","published":"2016-03-10T23:37:43Z","related":["CVE-2016-1285","CVE-2016-1286","CVE-2016-2088"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0107.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17935"},{"type":"REPORT","url":"https://kb.isc.org/article/AA-01351"},{"type":"REPORT","url":"https://kb.isc.org/article/AA-01352"},{"type":"REPORT","url":"https://kb.isc.org/article/AA-01353"},{"type":"REPORT","url":"https://kb.isc.org/article/AA-01363"}],"affected":[{"package":{"name":"bind","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/bind?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.10.3.P4-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0107.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}