Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Oracle Linux 9 ELSA-2024-1789 Critical: BIND Network Threat Update

oracle
Calendar Grey April 12, 2024
Oracle Linux Logo Esm H88
The latest advisory from Oracle Linux 9, ELSA-2024-1790, provides essential patches for OpenSSL, addressing various vulnerabilities.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

bind [32:9.16.23-14.4] - Rebuild with correct z-stream tag again [32:9.16.23-14.3] - Rebuild together with bind-dyndb-ldap to adjust ABI changes [32:9.16.23-14.2] - Import tests for large DNS messages fix - Add downstream change complementing CVE-2023-50387 [32:9.16.23-14.1] - Prevent increased CPU load on large DNS messages (CVE-2023-4408) - Prevent assertion failure when nxdomain-redirect is used with RFC 1918 reverse zones (CVE-2023-5517) - Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679) - Specific recursive query patterns may lead to an out-of-memory condition (CVE-2023-6516) - Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387 CVE-2023-50868) bind-dyndb-ldap [11.9-8.3] - Rebuild with correct z-stream tag again [11.9-8.2] - Rebuild required for BIND changes for KeyTrap change (CVE-2023-50387)

SRPMs

https://oss.oracle.com:443/ol9/SRPMS-updates//bind-9.16.23-14.el9_3.4.src.rpm https://oss.oracle.com:443/ol9/SRPMS-updates//bind-dyndb-ldap-11.9-8.el9_3.3.src.rpm

x86_64

bind-9.16.23-14.el9_3.4.x86_64.rpm bind-chroot-9.16.23-14.el9_3.4.x86_64.rpm bind-dnssec-doc-9.16.23-14.el9_3.4.noarch.rpm bind-dnssec-utils-9.16.23-14.el9_3.4.x86_64.rpm bind-dyndb-ldap-11.9-8.el9_3.3.x86_64.rpm bind-libs-9.16.23-14.el9_3.4.x86_64.rpm bind-license-9.16.23-14.el9_3.4.noarch.rpm bind-utils-9.16.23-14.el9_3.4.x86_64.rpm python3-bind-9.16.23-14.el9_3.4.noarch.rpm bind-devel-9.16.23-14.el9_3.4.i686.rpm bind-devel-9.16.23-14.el9_3.4.x86_64.rpm bind-doc-9.16.23-14.el9_3.4.noarch.rpm bind-libs-9.16.23-14.el9_3.4.i686.rpm

aarch64

bind-9.16.23-14.el9_3.4.aarch64.rpm bind-chroot-9.16.23-14.el9_3.4.aarch64.rpm bind-dnssec-doc-9.16.23-14.el9_3.4.noarch.rpm bind-dnssec-utils-9.16.23-14.el9_3.4.aarch64.rpm bind-dyndb-ldap-11.9-8.el9_3.3.aarch64.rpm bind-libs-9.16.23-14.el9_3.4.aarch64.rpm bind-license-9.16.23-14.el9_3.4.noarch.rpm bind-utils-9.16.23-14.el9_3.4.aarch64.rpm python3-bind-9.16.23-14.el9_3.4.noarch.rpm bind-devel-9.16.23-14.el9_3.4.aarch64.rpm bind-doc-9.16.23-14.el9_3.4.noarch.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2023-4408 CVE-2023-5517 CVE-2023-5679 CVE-2023-6516 CVE-2023-50387 CVE-2023-50868

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here