MGASA-2021-0560 - Updated bind packages fix security vulnerability Publication date: 19 Dec 2021 URL: https://advisories.mageia.org/MGASA-2021-0560.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-25219 Updated bind packages fix security vulnerability: Kishore Kumar Kothapalli discovered that the lame server cache in BIND, a DNS server implementation, can be abused by an attacker to significantly degrade resolver performance, resulting in denial of service (large delays for responses for client queries and DNS timeouts on client hosts) (CVE-2021-25219). References: - https://bugs.mageia.org/show_bug.cgi?id=29427 - https://kb.isc.org/docs/cve-2021-25219 - https://www.debian.org/security/2021/dsa-4994 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219 SRPMS: - 8/core/bind-9.11.36-1.1.mga8