MGASA-2021-0560 - Updated bind packages fix security vulnerability Publication date: 19 Dec 2021 URL: https://advisories.mageia.org/MGASA-2021-0560.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-25219 Updated bind packages fix security vulnerability: Kishore Kumar Kothapalli discovered that the lame server cache in BIND, a DNS server implementation, can be abused by an attacker to significantly degrade resolver performance, resulting in denial of service (large delays for responses for client queries and DNS timeouts on client hosts) (CVE-2021-25219). References: - https://bugs.mageia.org/show_bug.cgi?id=29427 - https://kb.isc.org/docs/cve-2021-25219 - https://www.debian.org/security/2021/dsa-4994 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219 SRPMS: - 8/core/bind-9.11.36-1.1.mga8
Mageia 2021-0560: bind security update
Summary
Updated bind packages fix security vulnerability:
Kishore Kumar Kothapalli discovered that the lame server cache in BIND,
a DNS server implementation, can be abused by an attacker to significantly
degrade resolver performance, resulting in denial of service (large delays
for responses for client queries and DNS timeouts on client hosts)
(CVE-2021-25219).
References
- https://bugs.mageia.org/show_bug.cgi?id=29427
- https://kb.isc.org/docs/cve-2021-25219
- https://www.debian.org/security/2021/dsa-4994
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
Resolution
MGASA-2021-0560 - Updated bind packages fix security vulnerability
SRPMS
- 8/core/bind-9.11.36-1.1.mga8
Severity
Publication date: 19 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0560.html
Type: security
CVE: CVE-2021-25219
News
HOWTOs
About Us
Powered By
Get Customized Security Advisories that Impact You Directly Create My Customized Advisories Now >>
To stay up-to-date on the latest open-source security news, feature articles and Linux distribution security advisories Subscribe to Our Newsletters!