Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#12176 closed enhancement (fixed)

bind bind9 9.14.3

Reported by: Douglas R. Reno Owned by: blfs-book
Priority: high Milestone: 9.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Change History (4)

comment:1 by ken@…, 5 years ago

Priority: normalhigh

For whoever takes this, from the oss security list:

Today ISC disclosed a vulnerability in our BIND software.

Information about the vulnerability can be found in the ISC Knowledge Base:

CVE-2019-6471: A race condition when discarding malformed packets can cause BIND to exit with an assertion failure https://kb.isc.org/docs/cve-2019-6471

New maintenance releases of BIND released today contain the fix for the vulnerability along with other bug fixes and feature improvements. They may be downloaded from the ISC web site's download page (https://www.isc.org/downloads)

  • 9.11.8
  • 9.12.4-P2
  • 9.14.3
  • 9.15.1

With the public disclosure of these vulnerabilities, parties which had been given advance notice concerning them are released from non-disclosure and packagers and redistributors are encouraged to publish updated packages containing fixes.

comment:2 by thomas, 5 years ago

Resolution: fixed
Status: newclosed

Fixed in r21744

comment:3 by Douglas R. Reno, 5 years ago

Security Fixes

    A race condition could trigger an assertion failure when a large number of incoming packets were being rejected. This flaw is disclosed in CVE-2019-6471. [GL #942]

Bug Fixes

    When qname-minimization was set to relaxed, some improperly configured domains would fail to resolve, but would have succeeded if minimization were disabled. named will now fall back to normal resolution in such cases, and also uses type A rather than NS for minimal queries in order to reduce the likelihood of encountering the problem. [GL #1055]


comment:4 by Bruce Dubbs, 5 years ago

Milestone: 8.59.0

Milestone renamed

Note: See TracTickets for help on using tickets.