{"id":"MGASA-2014-0013","summary":"Updated bind package fixes security vulnerability","details":"Updated bind packages fix security vulnerability:\n\nBecause of a defect in handling queries for NSEC3-signed zones, BIND can\ncrash with an \"INSIST\" failure in name.c when processing queries possessing\ncertain properties. By exploiting this defect an attacker deliberately\nconstructing a query with the right properties could achieve denial of\nservice against an authoritative nameserver serving NSEC3-signed zones\n(CVE-2014-0591).\n","modified":"2026-04-16T01:48:01.615018679Z","published":"2014-01-17T00:39:03Z","upstream":["CVE-2014-0591"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0013.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12296"},{"type":"WEB","url":"https://kb.isc.org/article/AA-01078"},{"type":"WEB","url":"https://kb.isc.org/article/AA-01080"}],"affected":[{"package":{"name":"bind","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/bind?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.9.4.P2-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0013.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}