Описание
ELSA-2025-19912: bind security update (IMPORTANT)
[9.18.33-4.0.1]
- Fix warning when changing device file permissions [Orabug: 36518580]
[9.18.33-4.2]
- Fix upstream reported regression in recent CVE fix (CVE-2025-8677)
[9.18.33-4.1]
- Refuse malformed DNSKEY records (CVE-2025-8677)
- Address various spoofing attacks (CVE-2025-40778)
- Prevent cache poisoning due to weak PRNG (CVE-2025-40780)
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
bind
9.18.33-4.0.1.el10_0.2
bind-chroot
9.18.33-4.0.1.el10_0.2
bind-devel
9.18.33-4.0.1.el10_0.2
bind-dnssec-utils
9.18.33-4.0.1.el10_0.2
bind-doc
9.18.33-4.0.1.el10_0.2
bind-libs
9.18.33-4.0.1.el10_0.2
bind-license
9.18.33-4.0.1.el10_0.2
bind-utils
9.18.33-4.0.1.el10_0.2
Oracle Linux x86_64
bind
9.18.33-4.0.1.el10_0.2
bind-chroot
9.18.33-4.0.1.el10_0.2
bind-devel
9.18.33-4.0.1.el10_0.2
bind-dnssec-utils
9.18.33-4.0.1.el10_0.2
bind-doc
9.18.33-4.0.1.el10_0.2
bind-libs
9.18.33-4.0.1.el10_0.2
bind-license
9.18.33-4.0.1.el10_0.2
bind-utils
9.18.33-4.0.1.el10_0.2
Связанные CVE
Связанные уязвимости
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
