Lucene search

CentOS ProjectCESA-2019:2057

HistoryAug 30, 2019 - 2:35 a.m.

bind security update

2019-08-3002:35:20

CentOS Project

lists.centos.org

238

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

70.2%

JSON

CentOS Errata and Security Advisory CESA-2019:2057

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

The following packages have been upgraded to a later upstream version: bind (9.11.4). (BZ#1640561)

Security Fix(es):

bind: Incorrect documentation of krb5-subdomain and ms-subdomain update policies (CVE-2018-5741)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2019-August/032086.html

Affected packages:
bind
bind-chroot
bind-devel
bind-export-devel
bind-export-libs
bind-libs
bind-libs-lite
bind-license
bind-lite-devel
bind-pkcs11
bind-pkcs11-devel
bind-pkcs11-libs
bind-pkcs11-utils
bind-sdb
bind-sdb-chroot
bind-utils

Upstream details at:
https://access.redhat.com/errata/RHSA-2019:2057

OSVersionArchitecturePackageVersionFilename
CentOS7x86_64bind< 9.11.4-9.P2.el7bind-9.11.4-9.P2.el7.x86_64.rpm
CentOS7x86_64bind-chroot< 9.11.4-9.P2.el7bind-chroot-9.11.4-9.P2.el7.x86_64.rpm
CentOS7i686bind-devel< 9.11.4-9.P2.el7bind-devel-9.11.4-9.P2.el7.i686.rpm
CentOS7x86_64bind-devel< 9.11.4-9.P2.el7bind-devel-9.11.4-9.P2.el7.x86_64.rpm
CentOS7i686bind-export-devel< 9.11.4-9.P2.el7bind-export-devel-9.11.4-9.P2.el7.i686.rpm
CentOS7x86_64bind-export-devel< 9.11.4-9.P2.el7bind-export-devel-9.11.4-9.P2.el7.x86_64.rpm
CentOS7i686bind-export-libs< 9.11.4-9.P2.el7bind-export-libs-9.11.4-9.P2.el7.i686.rpm
CentOS7x86_64bind-export-libs< 9.11.4-9.P2.el7bind-export-libs-9.11.4-9.P2.el7.x86_64.rpm
CentOS7i686bind-libs< 9.11.4-9.P2.el7bind-libs-9.11.4-9.P2.el7.i686.rpm
CentOS7x86_64bind-libs< 9.11.4-9.P2.el7bind-libs-9.11.4-9.P2.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	7	x86_64	bind	< 9.11.4-9.P2.el7	bind-9.11.4-9.P2.el7.x86_64.rpm
CentOS	7	x86_64	bind-chroot	< 9.11.4-9.P2.el7	bind-chroot-9.11.4-9.P2.el7.x86_64.rpm
CentOS	7	i686	bind-devel	< 9.11.4-9.P2.el7	bind-devel-9.11.4-9.P2.el7.i686.rpm
CentOS	7	x86_64	bind-devel	< 9.11.4-9.P2.el7	bind-devel-9.11.4-9.P2.el7.x86_64.rpm
CentOS	7	i686	bind-export-devel	< 9.11.4-9.P2.el7	bind-export-devel-9.11.4-9.P2.el7.i686.rpm
CentOS	7	x86_64	bind-export-devel	< 9.11.4-9.P2.el7	bind-export-devel-9.11.4-9.P2.el7.x86_64.rpm
CentOS	7	i686	bind-export-libs	< 9.11.4-9.P2.el7	bind-export-libs-9.11.4-9.P2.el7.i686.rpm
CentOS	7	x86_64	bind-export-libs	< 9.11.4-9.P2.el7	bind-export-libs-9.11.4-9.P2.el7.x86_64.rpm
CentOS	7	i686	bind-libs	< 9.11.4-9.P2.el7	bind-libs-9.11.4-9.P2.el7.i686.rpm
CentOS	7	x86_64	bind-libs	< 9.11.4-9.P2.el7	bind-libs-9.11.4-9.P2.el7.x86_64.rpm