CVE-2017-3140

Priority
Description
If named is configured to use Response Policy Zones (RPZ) an error
processing some rule types can lead to a condition where BIND will
endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5,
9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
Notes
 tyhicks> Per ISC, "... affecting 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1,
  and 9.10.5-S1"
 tyhicks> Introduced by change #4377, which is not applied in any Ubuntu
  releases
Package
Source: bind9 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (1:9.8.1.dfsg.P1-4ubuntu0.22)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1:9.9.5.dfsg-3ubuntu0.14)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1:9.10.3.dfsg.P4-8ubuntu1.6)
More Information

Updated: 2019-01-24 15:14:53 UTC (commit 7803302b7048c786698bed0b9f13e30d754ec14a)