SUSE-SU-2022:0908-1 Security update for bind

This update for bind fixes the following issues: - CVE-2021-25220: Fixed a DNS cache poisoning vulnerability due to loose caching rules bsc1197135...

DEBIAN-CVE-2021-25219

In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response...

SUSE-SU-2021:2876-1 Security update for bind

This update for bind fixes the following issues: - CVE-2020-8622: A truncated TSIG response can lead to an assertion failure bsc1175443...

Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot

...

OPENSUSE-SU-2021:0386-1 Security update for bind

This update for bind fixes the following issues: - dnssec-keygen can no longer generate HMAC keys. Use tsig-keygen instead. bsc1180933 This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2021:0503-1 Security update for bind

This update for bind fixes the following issues: - CVE-2020-8625: A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack bsc1182246, CVE-2020-8625...

Privilege Escalation

bind is vulnerable to privilege escalation. The vulnerability exists as a user is able to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone...

DEBIAN-CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

ISC BIND Denial of Service Vulnerability (CNVD-2020-29429)

ISC BIND is the United States ISC company's set of open source software that implements the DNS protocol. A denial of service vulnerability exists in ISC BIND. A remote attacker could exploit this vulnerability to cause a denial of service...

CVE-2019-6476

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4...

ALPINE-CVE-2019-6465

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones DLZs if the zones are writable Versions affected: BIND 9.9.0 - 9.10.8-P1, 9.11.0 - 9.11.5-P2, 9.12.0 - 9.12.3-P2, and versions 9.9.3-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 - 9.13.6 o...

SUSE-SU-2019:2550-1 Security update for bind

This update for bind fixes the following issues: Security issue fixed: - CVE-2019-6471: Fixed a reachable assert in dispatch.c. bsc1138687 Non-security issue fixed: - bind will no longer rely on /etc/insserv.conf bsc1118367, bsc1118368...

SUSE-SU-2019:14074-1 Security update for bind

This update for bind fixes the following issues: Security issues fixed: - CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature bsc1104129. - CVE-2018-5743: Limiting simultaneous TCP clients is ineffective. bsc1133185 - CVE-2018-5745: An assertion failure can...

bind: assertion failure while handling a query response containing inconsistent DNSSEC information

A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...

SUSE-SU-2017:0594-1 Security update for bind

This update for bind fixes the following issues: - Fixed a possible denial of service vulnerability affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc1024130...

DEBIAN-CVE-2016-9147

named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a response containing an inconsistency among the DNSSEC-related RRsets...

ISC BIND 9 DNSSEC Assertion Failure Denial of Service Vulnerability

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. A remote denial of service vulnerability exists in ISC BIND named, which can be exploited to cause a denial of service by an attacker who incorrectly...

ISC Releases Security Advisory

The Internet Systems Consortium ISC has released a security advisory to highlight a vulnerability in versions of BIND software released before May 2013, and in third-party versions that do not include fix 3548. Exploitation of this vulnerability may allow a remote attacker to cause a...

CVE-2016-1285

named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface...

MGASA-2016-0030 Updated bind packages fix security vulnerability

In ISC BIND before 9.10.3-P3, a buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c CVE-2015-8704. In ISC BIND before 9.10.3-P3, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the...