Описание
ELSA-2025-1670: bind9.18 security update (IMPORTANT)
[32:9.18.29-1.el9_5.1]
- Fix CVE-2024-11187 bind: bind9: Many records in the additional section cause CPU exhaustion
- Fix CVE-2024-12705 bind: bind9: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
bind9.18
9.18.29-1.el9_5.1
bind9.18-chroot
9.18.29-1.el9_5.1
bind9.18-devel
9.18.29-1.el9_5.1
bind9.18-dnssec-utils
9.18.29-1.el9_5.1
bind9.18-doc
9.18.29-1.el9_5.1
bind9.18-libs
9.18.29-1.el9_5.1
bind9.18-utils
9.18.29-1.el9_5.1
Oracle Linux x86_64
bind9.18
9.18.29-1.el9_5.1
bind9.18-chroot
9.18.29-1.el9_5.1
bind9.18-devel
9.18.29-1.el9_5.1
bind9.18-dnssec-utils
9.18.29-1.el9_5.1
bind9.18-doc
9.18.29-1.el9_5.1
bind9.18-libs
9.18.29-1.el9_5.1
bind9.18-utils
9.18.29-1.el9_5.1
Связанные CVE
Связанные уязвимости
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.