[SECURITY] Fedora 38 Update: bind-9.18.16-1.fc38

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

Fedora 38 : bind / bind-dyndb-ldap (2023-8e1ddb1fa2)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-8e1ddb1fa2 advisory. Update to BIND 9.18.16 Selected parts from upstream release notes. Visit that for details of bug fixes. Security Fixes - The overmem cleaning proces...

Fedora: Security Advisory for bind (FEDORA-2023-8e1ddb1fa2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2829

A vulnerability was found in BIND. This security flaw occurs when a named instance is configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache RFC 8198 option synth-from-dnssec enabled; remote termination can occur using a zone with a malformed...

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.16.42-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Exceeding the recursive-clients quota may cause named t...

CVE-2023-2828

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

AZL-27203 CVE-2023-2828 affecting package dhcp for versions less than 4.4.2-5

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

CVE-2023-2828

CVE-2023-2828 concerns the BIND 9 DNS server’s named component. The vulnerability stems from the cache-cleaning logic: when the resolver is queried for specific RRsets in a certain order, the configured max-cache-size can be exceeded, potentially causing memory exhaustion. Affected are multiple B...

CVE-2023-2828 named's configured cache size limit can be significantly exceeded

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

EulerOS Virtualization 3.0.6.0 : bind (EulerOS-SA-2023-2206)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance,...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-2206)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.0 : bind (EulerOS-SA-2023-2105)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance,...

EulerOS Virtualization 2.11.1 : dhcp (EulerOS-SA-2023-2035)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-2053)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2023-2105)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2023-2087)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-29549

Under certain circumstances, a call to the bind function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

new packages: bind

An update is available for bind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.0...

bind security and bug fix update

32:9.11.36-8 - Correct regression preventing bind-dyndb-ldap build 2133889 32:9.11.36-7 - Prevent excessive resource use while processing large delegations. CVE-2022-2795 32:9.11.36-6 - Prevent freeing zone during statistics rendering 2101712...