CVE-2019-6465

Published: 09/10/2019 Updated: 16/12/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 385
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable in bind prior to 9.13.7. A client exercising this defect can request and receive a zone transfer of a DLZ even when not permitted to do so by the allow-transfer ACL.

Vulnerable Product

isc bind

isc bind 9.9.3

isc bind 9.10.8

isc bind 9.11.5

isc bind 9.12.3

redhat enterprise linux 8.0

Vendor Advisories

Synopsis: Moderate: bind security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base sco ...
Synopsis: Low: bind security and bug fix update. Type/Severity: Security Advisory: Low. Topic: An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives ...
Synopsis: Moderate: OpenShift Container Platform 4310 openshift-enterprise-hyperkube-container security update. Type/Severity: Security Advisory: Moderate. Topic: An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 43. Red Hat Product Security has ra ...
Several security issues were fixed in Bind ...
Multiple vulnerabilities were found in the BIND DNS server: CVE-2018-5743: Connection limits were incorrectly enforced. CVE-2018-5745: The "managed-keys" feature was susceptible to denial of service by triggering an assert. CVE-2019-6465: ACLs for zone transfers were incorrectly enforced for dynamically loadable zones (DLZs). For ...
Debian Bug report logs - #922954: bind9: CVE-2018-5745: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> ...
Debian Bug report logs - #927932: bind9: CVE-2018-5743: Limiting simultaneous TCP clients is ineffective. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Bernhard Schmidt <berni@debian.org>; Date: Thu, 25 Apr 2019 06:51:04 UTC; Severity: grave; Tags: security, up ...
Debian Bug report logs - #922955: bind9: CVE-2019-6465: Zone transfer controls for writable DLZ zones were not effective. Package: src:bind9; Maintainer for src:bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Fri, 22 Feb 2019 10:06:02 UTC; Severity: gra ...
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature, it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's k ...

Mailing Lists

oss-sec mailing list archives: Multiple BIND CVEs disclosed (CVE-2018-5744, CVE-2018-5745, CVE-2019-6465) ...