Debian LTS: DLA-2227-1: bind9 security update

    Date 30 May 2020
    285
    Posted By LinuxSecurity Advisories
    Several vulnerabilities were discovered in BIND, a DNS server implementation.
    
    Package        : bind9
    Version        : 1:9.9.5.dfsg-9+deb8u19
    CVE ID         : CVE-2020-8616 CVE-2020-8617
    
    
    Several vulnerabilities were discovered in BIND, a DNS server 
    implementation.
    
    CVE-2020-8616
    
         It was discovered that BIND does not sufficiently limit the number
         of fetches performed when processing referrals. An attacker can take
         advantage of this flaw to cause a denial of service (performance
         degradation) or use the recursing server in a reflection attack with
         a high amplification factor.
    
    CVE-2020-8617
    
         It was discovered that a logic error in the code which checks TSIG
         validity can be used to trigger an assertion failure, resulting in
         denial of service.
    
    
    For Debian 8 "Jessie", these problems have been fixed in version
    1:9.9.5.dfsg-9+deb8u19.
    
    We recommend that you upgrade your bind9 packages.
    
    Further information about Debian LTS security advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://wiki.debian.org/LTS
    
    

    LinuxSecurity Poll

    How do you feel about the elimination of the terms 'blacklist' and 'slave' from the Linux kernel?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/32-how-do-you-feel-about-the-elimination-of-the-terms-blacklist-and-slave-from-the-linux-kernel?task=poll.vote&format=json
    32
    radio
    [{"id":"112","title":"I strongly support this change - racially charged language should not be used in the code and documentation of the kernel and other open-source projects.","votes":"3","type":"x","order":"1","pct":42.86,"resources":[]},{"id":"113","title":"I'm indifferent - this small change will not affect broader issues of racial insensitivity and white privilege.","votes":"2","type":"x","order":"2","pct":28.57,"resources":[]},{"id":"114","title":"I'm opposed to this change - there is no need to change language that has been used for years. It doesn't make sense for people to take offense to terminology used in community projects.","votes":"2","type":"x","order":"3","pct":28.57,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.