Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:1989

Опубликовано: 18 мая 2021
Источник: rocky
Оценка: Important

Описание

Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

  • bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bind-export-libsi6864.el8_4bind-export-libs-9.11.26-4.el8_4.i686.rpm
bind-export-libsx86_644.el8_4bind-export-libs-9.11.26-4.el8_4.x86_64.rpm
bind-export-develx86_644.el8_4bind-export-devel-9.11.26-4.el8_4.x86_64.rpm
bind-export-develi6864.el8_4bind-export-devel-9.11.26-4.el8_4.i686.rpm

Показывать по

Связанные CVE

CVE-2021-25215

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2021-25215

CVSS3: 7.5
ubuntu
больше 4 лет назад

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

redhat логотип

CVE-2021-25215

CVSS3: 7.5
redhat
больше 4 лет назад

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

nvd логотип

CVE-2021-25215

CVSS3: 7.5
nvd
больше 4 лет назад

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.

msrc логотип

CVE-2021-25215

CVSS3: 7.5
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-25215

CVSS3: 7.5
debian
больше 4 лет назад

In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S ...