Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2021-3325

Опубликовано: 01 сент. 2021
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2021-3325: bind security update (MODERATE)

[32:9.11.4-26.P2.7]

  • Apply again patch 172, got removed by mistake

[32:9.11.4-26.P2.6]

  • Insufficient IXFR checks could lead to assertion failure (CVE-2021-25214)

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

bind

9.11.4-26.P2.el7_9.7

bind-chroot

9.11.4-26.P2.el7_9.7

bind-devel

9.11.4-26.P2.el7_9.7

bind-export-devel

9.11.4-26.P2.el7_9.7

bind-export-libs

9.11.4-26.P2.el7_9.7

bind-libs

9.11.4-26.P2.el7_9.7

bind-libs-lite

9.11.4-26.P2.el7_9.7

bind-license

9.11.4-26.P2.el7_9.7

bind-lite-devel

9.11.4-26.P2.el7_9.7

bind-pkcs11

9.11.4-26.P2.el7_9.7

bind-pkcs11-devel

9.11.4-26.P2.el7_9.7

bind-pkcs11-libs

9.11.4-26.P2.el7_9.7

bind-pkcs11-utils

9.11.4-26.P2.el7_9.7

bind-sdb

9.11.4-26.P2.el7_9.7

bind-sdb-chroot

9.11.4-26.P2.el7_9.7

bind-utils

9.11.4-26.P2.el7_9.7

Oracle Linux x86_64

bind

9.11.4-26.P2.el7_9.7

bind-chroot

9.11.4-26.P2.el7_9.7

bind-devel

9.11.4-26.P2.el7_9.7

bind-export-devel

9.11.4-26.P2.el7_9.7

bind-export-libs

9.11.4-26.P2.el7_9.7

bind-libs

9.11.4-26.P2.el7_9.7

bind-libs-lite

9.11.4-26.P2.el7_9.7

bind-license

9.11.4-26.P2.el7_9.7

bind-lite-devel

9.11.4-26.P2.el7_9.7

bind-pkcs11

9.11.4-26.P2.el7_9.7

bind-pkcs11-devel

9.11.4-26.P2.el7_9.7

bind-pkcs11-libs

9.11.4-26.P2.el7_9.7

bind-pkcs11-utils

9.11.4-26.P2.el7_9.7

bind-sdb

9.11.4-26.P2.el7_9.7

bind-sdb-chroot

9.11.4-26.P2.el7_9.7

bind-utils

9.11.4-26.P2.el7_9.7

Связанные CVE

CVE-2021-25214

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2021-25214

CVSS3: 6.5
ubuntu
больше 4 лет назад

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.

redhat логотип

CVE-2021-25214

CVSS3: 6.5
redhat
больше 4 лет назад

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.

nvd логотип

CVE-2021-25214

CVSS3: 6.5
nvd
больше 4 лет назад

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.

msrc логотип

CVE-2021-25214

CVSS3: 6.5
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-25214

CVSS3: 6.5
debian
больше 4 лет назад

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versi ...