MGASA-2021-0560 - Updated bind packages fix security vulnerability Publication date: 19 Dec 2021 URL: https://advisories.mageia.org/MGASA-2021-0560.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-25219 Updated bind packages fix security vulnerability: Kishore Kumar Kothapalli discovered that the lame server cache in BIND, a DNS server implementation, can be abused by an attacker to significantly degrade resolver performance, resulting in denial of service (large delays for responses for client queries and DNS timeouts on client hosts) (CVE-2021-25219). References: - https://bugs.mageia.org/show_bug.cgi?id=29427 - https://kb.isc.org/docs/cve-2021-25219 - https://www.debian.org/security/2021/dsa-4994 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219 SRPMS: - 8/core/bind-9.11.36-1.1.mga8
Mageia 2021-0560: bind security update
Summary
CVE: CVE-2021-25219
Updated bind packages fix security vulnerability:
Kishore Kumar Kothapalli discovered that the lame server cache in BIND,
a DNS server implementation, can be abused by an attacker to significantly
degrade resolver performance, resulting in denial of service (large delays
for responses for client queries and DNS timeouts on client hosts)
(CVE-2021-25219).
Resolution
MGASA-2021-0560 - Updated bind packages fix security vulnerability
References
- https://bugs.mageia.org/show_bug.cgi?id=29427
- https://kb.isc.org/docs/cve-2021-25219
- https://www.debian.org/security/2021/dsa-4994
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219
Severity
Issued Date: 19 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0560.html
Type: security
Affected Mageia releases: 8
News
HOWTOs
About Us
Powered By
