Rocky Linux: RLSA-2024:1781 bind9.16 security update Security Advisories Updates
Summary
An update is available for bind9.16. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind9: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408) * bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled (CVE-2023-5517) * bind9: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution (CVE-2023-5679) * bind9: Specific recursive query patterns may lead to an out-of-memory condition (CVE-2023-6516) * bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387) * bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
RPMs
bind9.16-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-32:9.16.23-0.16.el8_9.2.src.rpm
bind9.16-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-chroot-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-chroot-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-debuginfo-32:9.16.23-0.16.el8_9.2.i686.rpm
bind9.16-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-debugsource-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-debugsource-32:9.16.23-0.16.el8_9.2.i686.rpm
bind9.16-debugsource-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-devel-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-devel-32:9.16.23-0.16.el8_9.2.i686.rpm
bind9.16-devel-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-dnssec-utils-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-dnssec-utils-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-dnssec-utils-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-dnssec-utils-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-doc-32:9.16.23-0.16.el8_9.2.noarch.rpm
bind9.16-libs-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-libs-32:9.16.23-0.16.el8_9.2.i686.rpm
bind9.16-libs-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-libs-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-libs-debuginfo-32:9.16.23-0.16.el8_9.2.i686.rpm
bind9.16-libs-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-license-32:9.16.23-0.16.el8_9.2.noarch.rpm
bind9.16-utils-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-utils-32:9.16.23-0.16.el8_9.2.x86_64.rpm
bind9.16-utils-debuginfo-32:9.16.23-0.16.el8_9.2.aarch64.rpm
bind9.16-utils-debuginfo-32:9.16.23-0.16.el8_9.2.x86_64.rpm
python3-bind9.16-32:9.16.23-0.16.el8_9.2.noarch.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6516
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2263896
https://bugzilla.redhat.com/show_bug.cgi?id=2263897
https://bugzilla.redhat.com/show_bug.cgi?id=2263909
https://bugzilla.redhat.com/show_bug.cgi?id=2263911
https://bugzilla.redhat.com/show_bug.cgi?id=2263914
https://bugzilla.redhat.com/show_bug.cgi?id=2263917