Scientific Linux: SLSA-2020-2383-1 Critical: bind Fetch Limit Issue

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) * bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) SL6 x86_64 bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10 [More...]

Synopsis:          Important: bind security update
Advisory ID:       SLSA-2020:2383-1
Issue Date:        2020-06-03
CVE Numbers:       None
--

Security Fix(es):

* bind: BIND does not sufficiently limit the number of fetches performed
when processing referrals (CVE-2020-8616)

* bind: A logic error in code which checks TSIG validity can be used to
trigger an assertion failure in tsig.c (CVE-2020-8617)
--

SL6
  x86_64
    bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm
    bind-libs-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-libs-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm
    bind-utils-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm
    bind-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm
    bind-chroot-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm
    bind-devel-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-devel-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm
    bind-sdb-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm
  i386
    bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-libs-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-utils-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-chroot-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-devel-9.8.2-0.68.rc1.el6_10.7.i686.rpm
    bind-sdb-9.8.2-0.68.rc1.el6_10.7.i686.rpm

- Scientific Linux Development Team