SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionAs discussed upstream, parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a deliberately malformed key. (CVE-2015-5722)
Also disclosed upstream today was CVE-2015-5986 which does not impact the version of bind in the Amazon Linux AMI.
SolutionRun 'yum update bind' to update your system.