RLSA-2025:21111

Опубликовано: 21 нояб. 2025

Источник: rocky

Оценка: Important

Описание

Important: bind9.18 security update

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly.

Security Fix(es):

bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)
bind: Cache poisoning due to weak PRNG (CVE-2025-40780)
bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
bind9.18	x86_64	5.el9_7.2	bind9.18-9.18.29-5.el9_7.2.x86_64.rpm
bind9.18-chroot	x86_64	5.el9_7.2	bind9.18-chroot-9.18.29-5.el9_7.2.x86_64.rpm
bind9.18-dnssec-utils	x86_64	5.el9_7.2	bind9.18-dnssec-utils-9.18.29-5.el9_7.2.x86_64.rpm
bind9.18-libs	x86_64	5.el9_7.2	bind9.18-libs-9.18.29-5.el9_7.2.x86_64.rpm
bind9.18-utils	x86_64	5.el9_7.2	bind9.18-utils-9.18.29-5.el9_7.2.x86_64.rpm