Description
* A denial of service flaw was found in the way BIND handled a query response
containing CNAME or DNAME resource records in an unusual order. A remote
attacker could use this flaw to make named exit unexpectedly with an assertion
failure via a specially crafted DNS response. (CVE-2017-3137)
* A denial of service flaw was found in the way BIND handled query requests when
using DNS64 with 'break-dnssec yes' option. A remote attacker could use this
flaw to make named exit unexpectedly with an assertion failure via a specially
crafted DNS request. (CVE-2017-3136)