RLSA-2025:21034

Опубликовано: 21 нояб. 2025

Источник: rocky

Оценка: Important

Описание

Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)
bind: Cache poisoning due to weak PRNG (CVE-2025-40780)
bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 10

Наименование	Архитектура	Релиз	RPM
bind	x86_64	10.el10_1.2	bind-9.18.33-10.el10_1.2.x86_64.rpm
bind-chroot	x86_64	10.el10_1.2	bind-chroot-9.18.33-10.el10_1.2.x86_64.rpm
bind-dnssec-utils	x86_64	10.el10_1.2	bind-dnssec-utils-9.18.33-10.el10_1.2.x86_64.rpm
bind-libs	x86_64	10.el10_1.2	bind-libs-9.18.33-10.el10_1.2.x86_64.rpm
bind-license	noarch	10.el10_1.2	bind-license-9.18.33-10.el10_1.2.noarch.rpm
bind-license	noarch	10.el10_1.2	bind-license-9.18.33-10.el10_1.2.noarch.rpm
bind-license	noarch	10.el10_1.2	bind-license-9.18.33-10.el10_1.2.noarch.rpm
bind-license	noarch	10.el10_1.2	bind-license-9.18.33-10.el10_1.2.noarch.rpm
bind-utils	x86_64	10.el10_1.2	bind-utils-9.18.33-10.el10_1.2.x86_64.rpm