RedHat: RHSA-2019-3552:01 Low: bind security and bug fix update

    Date05 Nov 2019
    CategoryRed Hat
    61
    Posted ByLinuxSecurity Advisories
    An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Low: bind security and bug fix update
    Advisory ID:       RHSA-2019:3552-01
    Product:           Red Hat Enterprise Linux
    Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3552
    Issue date:        2019-11-05
    CVE Names:         CVE-2018-5745 CVE-2019-6465 
    =====================================================================
    
    1. Summary:
    
    An update for bind is now available for Red Hat Enterprise Linux 8.
    
    Red Hat Product Security has rated this update as having a security impact
    of Low. A Common Vulnerability Scoring System (CVSS) base score, which
    gives a detailed severity rating, is available for each vulnerability from
    the CVE link(s) in the References section.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
    Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
    
    3. Description:
    
    The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
    Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
    library (routines for applications to use when interfacing with DNS); and
    tools for verifying that the DNS server is operating correctly.
    
    Security Fix(es):
    
    * bind: An assertion failure if a trust anchor rolls over to an unsupported
    key algorithm when using managed-keys (CVE-2018-5745)
    
    * bind: Controls for zone transfers may not be properly applied to DLZs if
    the zones are writable (CVE-2019-6465)
    
    For more details about the security issue(s), including the impact, a CVSS
    score, acknowledgments, and other related information, refer to the CVE
    page(s) listed in the References section.
    
    Additional Changes:
    
    For detailed information on changes in this release, see the Red Hat
    Enterprise Linux 8.1 Release Notes linked from the References section.
    
    4. Solution:
    
    For details on how to apply this update, which includes the changes
    described in this advisory, refer to:
    
    https://access.redhat.com/articles/11258
    
    After installing the update, the BIND daemon (named) will be restarted
    automatically.
    
    5. Bugs fixed (https://bugzilla.redhat.com/):
    
    1666785 - conflicts between attempted installs of i686 and x86_64
    1668682 - libisc doesn't initialize entropy pool for ssl context
    1679303 - CVE-2018-5745 bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys
    1679304 - CVE-2019-6465 bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable
    1679307 - idna system tests are failing, some names are not rejected
    
    6. Package List:
    
    Red Hat Enterprise Linux AppStream (v. 8):
    
    aarch64:
    bind-9.11.4-26.P2.el8.aarch64.rpm
    bind-chroot-9.11.4-26.P2.el8.aarch64.rpm
    bind-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-debugsource-9.11.4-26.P2.el8.aarch64.rpm
    bind-devel-9.11.4-26.P2.el8.aarch64.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-libs-9.11.4-26.P2.el8.aarch64.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-libs-lite-9.11.4-26.P2.el8.aarch64.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-lite-devel-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-devel-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-libs-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-utils-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-sdb-9.11.4-26.P2.el8.aarch64.rpm
    bind-sdb-chroot-9.11.4-26.P2.el8.aarch64.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-utils-9.11.4-26.P2.el8.aarch64.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    
    noarch:
    bind-license-9.11.4-26.P2.el8.noarch.rpm
    python3-bind-9.11.4-26.P2.el8.noarch.rpm
    
    ppc64le:
    bind-9.11.4-26.P2.el8.ppc64le.rpm
    bind-chroot-9.11.4-26.P2.el8.ppc64le.rpm
    bind-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-debugsource-9.11.4-26.P2.el8.ppc64le.rpm
    bind-devel-9.11.4-26.P2.el8.ppc64le.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-libs-9.11.4-26.P2.el8.ppc64le.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-libs-lite-9.11.4-26.P2.el8.ppc64le.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-lite-devel-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-devel-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-libs-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-utils-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-sdb-9.11.4-26.P2.el8.ppc64le.rpm
    bind-sdb-chroot-9.11.4-26.P2.el8.ppc64le.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-utils-9.11.4-26.P2.el8.ppc64le.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    
    s390x:
    bind-9.11.4-26.P2.el8.s390x.rpm
    bind-chroot-9.11.4-26.P2.el8.s390x.rpm
    bind-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-debugsource-9.11.4-26.P2.el8.s390x.rpm
    bind-devel-9.11.4-26.P2.el8.s390x.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-libs-9.11.4-26.P2.el8.s390x.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-libs-lite-9.11.4-26.P2.el8.s390x.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-lite-devel-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-devel-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-libs-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-utils-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-sdb-9.11.4-26.P2.el8.s390x.rpm
    bind-sdb-chroot-9.11.4-26.P2.el8.s390x.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-utils-9.11.4-26.P2.el8.s390x.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    
    x86_64:
    bind-9.11.4-26.P2.el8.x86_64.rpm
    bind-chroot-9.11.4-26.P2.el8.x86_64.rpm
    bind-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-debugsource-9.11.4-26.P2.el8.i686.rpm
    bind-debugsource-9.11.4-26.P2.el8.x86_64.rpm
    bind-devel-9.11.4-26.P2.el8.i686.rpm
    bind-devel-9.11.4-26.P2.el8.x86_64.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-libs-9.11.4-26.P2.el8.i686.rpm
    bind-libs-9.11.4-26.P2.el8.x86_64.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-libs-lite-9.11.4-26.P2.el8.i686.rpm
    bind-libs-lite-9.11.4-26.P2.el8.x86_64.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-lite-devel-9.11.4-26.P2.el8.i686.rpm
    bind-lite-devel-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-devel-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-devel-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-libs-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-libs-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-utils-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-sdb-9.11.4-26.P2.el8.x86_64.rpm
    bind-sdb-chroot-9.11.4-26.P2.el8.x86_64.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-utils-9.11.4-26.P2.el8.x86_64.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    
    Red Hat Enterprise Linux BaseOS (v. 8):
    
    Source:
    bind-9.11.4-26.P2.el8.src.rpm
    
    aarch64:
    bind-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-debugsource-9.11.4-26.P2.el8.aarch64.rpm
    bind-export-devel-9.11.4-26.P2.el8.aarch64.rpm
    bind-export-libs-9.11.4-26.P2.el8.aarch64.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.aarch64.rpm
    
    ppc64le:
    bind-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-debugsource-9.11.4-26.P2.el8.ppc64le.rpm
    bind-export-devel-9.11.4-26.P2.el8.ppc64le.rpm
    bind-export-libs-9.11.4-26.P2.el8.ppc64le.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.ppc64le.rpm
    
    s390x:
    bind-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-debugsource-9.11.4-26.P2.el8.s390x.rpm
    bind-export-devel-9.11.4-26.P2.el8.s390x.rpm
    bind-export-libs-9.11.4-26.P2.el8.s390x.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.s390x.rpm
    
    x86_64:
    bind-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-debugsource-9.11.4-26.P2.el8.i686.rpm
    bind-debugsource-9.11.4-26.P2.el8.x86_64.rpm
    bind-export-devel-9.11.4-26.P2.el8.i686.rpm
    bind-export-devel-9.11.4-26.P2.el8.x86_64.rpm
    bind-export-libs-9.11.4-26.P2.el8.i686.rpm
    bind-export-libs-9.11.4-26.P2.el8.x86_64.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-export-libs-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-libs-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-libs-lite-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-libs-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-pkcs11-utils-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-sdb-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.i686.rpm
    bind-utils-debuginfo-9.11.4-26.P2.el8.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and
    details on how to verify the signature are available from
    https://access.redhat.com/security/team/key/
    
    7. References:
    
    https://access.redhat.com/security/cve/CVE-2018-5745
    https://access.redhat.com/security/cve/CVE-2019-6465
    https://access.redhat.com/security/updates/classification/#low
    https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
    
    8. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2019 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBXcHrF9zjgjWX9erEAQiMww//VnWQCBMuru+Mq3GxHo5xLpFXpbEQI3va
    ySyW1rJldU7HQ+7KYNRyHzAXM3Cq22qO1ztG8LpMrayLKw5mqDSGaRcKxtp0UVZS
    iS9+7ifgGVuut5uxpm55gACcrMcsnWqhYnXyoGRbsxWbYUFPtZCeKMdYGiSIeZbK
    /LFOKXNpNWc1YRey0NRDXWO+e2wMb4jGe+t2f0unbqhiqQVxMPGZNK/m+ZJHRWM0
    luhUj7Anfmi0BreA2Euak9rfkySSzhMCstRVnso1U6QV7tTwWA6/lsTO3u8u8jYg
    k5NN+hIfvmWoAurCbRmVzBCmSOG67DdRwAtwp+azo9m8jiW698hQcZ3PF4+309rN
    /BW+egUzgt1pXckwMnxcyUCdPK+B2MRYEFqnfILFXexFWFyrw47JopIr5edPSjxB
    4ZSbsRtUIhB8GDbKTxYTXBEVx2gSbLr+nV4FFVo3sVs4ere44F+iRNUL98TwwpUf
    a6fMNvsjgveagpAy/RpSwoJzm1vW+nYWACuFDzUbfKqULbMUgK9BoqGbAg3Qswqq
    ijHtdFvLt5IXYGLZ416DsxlsP9iPc8WevD+SyMS3UyJDeoNN7XbChSV9mtYLjKy0
    iglrNIFVpjvSPAAEjfQMkQ7HblwHs/667kvc6LSUjssEAQW6t8faxaTnOz7jDcBo
    RpJggpgc7qg=
    =lo1f
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/rhsa-announce
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"64","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.39,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.46,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.