security issue with Bind CVE-2017-3143, CVE-2017-3142.

Support for security such as Firewalls and securing linux
Post Reply
Neil_9481
Posts: 2
Joined: 2017/09/28 16:32:39

security issue with Bind CVE-2017-3143, CVE-2017-3142.

Post by Neil_9481 » 2017/09/28 16:37:43

Has anyone ever encountered this issue when trying to get PCI-DSS compliance, I'm trying to get my site launched but can't until i can pass PCI-DSS the exact error they have placed on their report is:-

ISC BIND 9 < 9.9.10-P2 / 9.9.10-S3 / 9.10.5-P2 / 9.10.5-S3 / 9.11.1-P2 Multiple Vulnerabilities 53 / udp / dns
CVE-2017-3143, CVE-2017-3142

I don't want to start messing with updating specific files all over to find the next round of updates removes it all.

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: security issue with Bind CVE-2017-3143, CVE-2017-3142.

Post by avij » 2017/09/28 16:59:30

CVE-2017-3142: Fixed in bind-9.9.4-50.el7_3.1
CVE-2017-3143: Fixed in bind-9.9.4-50.el7_3.1

If rpm -q bind does not show that you are running (at least) that version, a simple yum update should bring you up to date. At the moment the latest version is bind-9.9.4-51.el7.

Please also have a look at https://access.redhat.com/security/updates/backporting/

Neil_9481
Posts: 2
Joined: 2017/09/28 16:32:39

Re: security issue with Bind CVE-2017-3143, CVE-2017-3142.

Post by Neil_9481 » 2017/09/28 18:15:38

Thank you very much I knew this was most likely the case I just wanted it confirming as couldn't find the specific listing for it.

Post Reply