Lucene search
OracleLinuxELSA-2024-1789HistoryApr 11, 2024 - 12:00 a.m.
bind security update
2024-04-1100:00:00
linux.oracle.com
8
security update
bind
bind-dyndb-ldap
version 32:9.16.23-14.4
version 11.9-8.3
rebuild
correct z-stream tag
abi changes
large dns messages fix
cve-2023-50387
import tests
cpu load prevention
assertion failure prevention
nxdomain-redirect
rfc 1918 reverse zones
dns64
serve-stale
recursive query patterns
out-of-memory condition
dnssec validator
version 11.9-8.3
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.7 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%
bind
[32:9.16.23-14.4]
- Rebuild with correct z-stream tag again
[32:9.16.23-14.3] - Rebuild together with bind-dyndb-ldap to adjust ABI changes
[32:9.16.23-14.2] - Import tests for large DNS messages fix
- Add downstream change complementing CVE-2023-50387
[32:9.16.23-14.1] - Prevent increased CPU load on large DNS messages (CVE-2023-4408)
- Prevent assertion failure when nxdomain-redirect is used with
RFC 1918 reverse zones (CVE-2023-5517) - Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679)
- Specific recursive query patterns may lead to an out-of-memory
condition (CVE-2023-6516) - Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)
bind-dyndb-ldap
[11.9-8.3] - Rebuild with correct z-stream tag again
[11.9-8.2] - Rebuild required for BIND changes for KeyTrap change (CVE-2023-50387)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | bind | < 9.16.23-14.el9_3.4 | bind-9.16.23-14.el9_3.4.src.rpm |
| oracle linux | 9 | src | bind | < 9.16.23-14.el9_3.4 | bind-9.16.23-14.el9_3.4.src.rpm |
| oracle linux | 9 | src | bind-dyndb-ldap | < 11.9-8.el9_3.3 | bind-dyndb-ldap-11.9-8.el9_3.3.src.rpm |
| oracle linux | 9 | aarch64 | bind | < 9.16.23-14.el9_3.4 | bind-9.16.23-14.el9_3.4.aarch64.rpm |
| oracle linux | 9 | aarch64 | bind-chroot | < 9.16.23-14.el9_3.4 | bind-chroot-9.16.23-14.el9_3.4.aarch64.rpm |
| oracle linux | 9 | aarch64 | bind-devel | < 9.16.23-14.el9_3.4 | bind-devel-9.16.23-14.el9_3.4.aarch64.rpm |
| oracle linux | 9 | noarch | bind-dnssec-doc | < 9.16.23-14.el9_3.4 | bind-dnssec-doc-9.16.23-14.el9_3.4.noarch.rpm |
| oracle linux | 9 | aarch64 | bind-dnssec-utils | < 9.16.23-14.el9_3.4 | bind-dnssec-utils-9.16.23-14.el9_3.4.aarch64.rpm |
| oracle linux | 9 | noarch | bind-doc | < 9.16.23-14.el9_3.4 | bind-doc-9.16.23-14.el9_3.4.noarch.rpm |
| oracle linux | 9 | aarch64 | bind-dyndb-ldap | < 11.9-8.el9_3.3 | bind-dyndb-ldap-11.9-8.el9_3.3.aarch64.rpm |
Related
nessus
nessus
RHEL 9 : bind (RHSA-2024:1789)
2024-04-11 00:00:00
AlmaLinux 9 : bind (ALSA-2024:1789)
2024-04-12 00:00:00
almalinux
almalinux
Important: bind9.16 security update
2024-04-11 00:00:00
Important: bind security update
2024-04-11 00:00:00
Important: bind security update
2024-04-30 00:00:00
redhat
redhat
(RHSA-2024:2551) Important: bind security update
2024-04-30 11:38:49
(RHSA-2024:1800) Important: bind and bind-dyndb-ldap security updates
2024-04-15 00:59:14
(RHSA-2024:1789) Important: bind security update
2024-04-11 17:29:42
openvas
openvas
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2024-fae88b73eb)
2024-03-04 00:00:00
Fedora: Security Advisory for bind (FEDORA-2024-fae88b73eb)
2024-03-04 00:00:00
Fedora: Security Advisory for bind (FEDORA-2024-21310568fa)
2024-02-20 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: bind-9.18.24-1.fc38
2024-03-04 01:27:17
[SECURITY] Fedora 39 Update: bind-dyndb-ldap-11.10-24.fc39
2024-02-19 02:29:30
[SECURITY] Fedora 38 Update: bind9-next-9.19.21-1.fc38
2024-02-26 00:47:16
aix
aix
AIX is vulnerable to denial of service due to ISC BIND
2024-06-04 16:06:25
debian
debian
[SECURITY] [DSA 5621-1] bind9 security update
2024-02-14 07:58:57
[SECURITY] [DSA 5620-1] unbound security update
2024-02-14 06:49:32
[SECURITY] [DLA 3736-1] unbound security update
2024-02-21 12:20:40
rocky
rocky
bind security update
2024-05-10 14:32:38
bind9.16 security update
2024-05-06 13:04:21
bind and dhcp security update
2024-05-06 13:04:07
ibm
ibm
osv
osv
Important: bind9.16 security update
2024-04-11 00:00:00
Important: bind9.16 security update
2024-05-06 13:04:21
Important: bind security update
2024-04-30 00:00:00
oraclelinux
oraclelinux
bind security update
2024-05-07 00:00:00
bind9.16 security update
2024-04-11 00:00:00
bind and dhcp security update
2024-05-29 00:00:00
ubuntu
ubuntu
Bind vulnerabilities
2024-02-19 00:00:00
Bind vulnerabilities
2024-02-13 00:00:00
Bind vulnerabilities
2024-04-09 00:00:00
mageia
mageia
Updated bind packages fix security vulnerabilities
2024-02-15 21:36:07
Updated dnsmasq packages fix security vulnerabilities
2024-02-18 04:49:05
slackware
slackware
[slackware-security] bind
2024-02-13 19:35:21
redos
redos
ROS-20240611-09
2024-06-11 00:00:00
ROS-20240410-09
2024-04-10 00:00:00
cloudfoundry
cloudfoundry
USN-6633-1: Bind vulnerabilities | Cloud Foundry
2024-02-29 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0563
2024-02-13 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0727
2024-02-15 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0204
2024-02-13 00:00:00
freebsd
freebsd
powerdns-recursor -- Multiple Vulnerabilities
2024-02-14 00:00:00
amazon
amazon
Important: unbound
2024-02-29 10:03:00
akamaiblog
akamaiblog
freebsd_advisory
freebsd_advisory
FreeBSD-SA-24:03.unbound
2024-03-28 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.7 High
AI Score
Confidence
High
0.05 Low
EPSS
Percentile
92.9%
Related for ELSA-2024-1789