ELSA-2021-4384

Опубликовано: 16 нояб. 2021

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2021-4384: bind security and bug fix update (MODERATE)

[32:9.11.26-6]

Use random entropy to generate unique TKEY identifiers (#1980916)

[32:9.11.26-5]

Fix possible assertion failure isc_refcount_current == 0 in free_rbtdb (#1953056)

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

bind

9.11.26-6.el8

bind-chroot

9.11.26-6.el8

bind-devel

9.11.26-6.el8

bind-export-devel

9.11.26-6.el8

bind-export-libs

9.11.26-6.el8

bind-libs

9.11.26-6.el8

bind-libs-lite

9.11.26-6.el8

bind-license

9.11.26-6.el8

bind-lite-devel

9.11.26-6.el8

bind-pkcs11

9.11.26-6.el8

bind-pkcs11-devel

9.11.26-6.el8

bind-pkcs11-libs

9.11.26-6.el8

bind-pkcs11-utils

9.11.26-6.el8

bind-sdb

9.11.26-6.el8

bind-sdb-chroot

9.11.26-6.el8

bind-utils

9.11.26-6.el8

python3-bind

9.11.26-6.el8

Oracle Linux x86_64

bind

9.11.26-6.el8

bind-chroot

9.11.26-6.el8

bind-devel

9.11.26-6.el8

bind-export-devel

9.11.26-6.el8

bind-export-libs

9.11.26-6.el8

bind-libs

9.11.26-6.el8

bind-libs-lite

9.11.26-6.el8

bind-license

9.11.26-6.el8

bind-lite-devel

9.11.26-6.el8

bind-pkcs11

9.11.26-6.el8

bind-pkcs11-devel

9.11.26-6.el8

bind-pkcs11-libs

9.11.26-6.el8

bind-pkcs11-utils

9.11.26-6.el8

bind-sdb

9.11.26-6.el8

bind-sdb-chroot

9.11.26-6.el8

bind-utils

9.11.26-6.el8

python3-bind

9.11.26-6.el8

Связанные CVE

CVE-2021-25214

Ссылки на источники

Связанные уязвимости

CVE-2021-25214

CVSS3: 6.5

ubuntu

больше 4 лет назад

In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.