Debian Bug report logs -
#961939
bind9: CVE-2020-8616 CVE-2020-8617
Package:
src:bind9;
Maintainer for src:bind9 is Debian DNS Team <team+dns@trackerdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 31 May 2020 19:27:02 UTC
Severity: grave
Tags: security, upstream
Found in versions bind9 ...
Several vulnerabilities were discovered in BIND, a DNS server
implementation
CVE-2019-6477
It was discovered that TCP-pipelined queries can bypass tcp-client
limits resulting in denial of service
CVE-2020-8616
It was discovered that BIND does not sufficiently limit the number
of fetches performed when processing referrals An att ...
Several security issues were fixed in Bind ...
Several security issues were fixed in Bind ...
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral This has at least two potential effects: The performa ...
An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records This flaw allows an attacker that knows or successfully guesses the name of the TSIG key used by the server to use a specially-crafted message, potentially causing a BIND server to reach an inconsistent state or cause a denial of service ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 77 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...
Synopsis
Moderate: OpenShift Container Platform 4325 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4325 is now available withupdates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this up ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 72 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...
Synopsis
Moderate: OpenShift Container Platform 4325 openshift-enterprise-hyperkube-container security update
Type/Severity
Security Advisory: Moderate
Topic
An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 43Red Hat Product Security has ra ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterprise Linux 74 Update Services for SAP Solutio ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 73 Advanced Update Support, Red Hat Enterprise Linux 73 Telco Extended Update Support, and Red Hat Enterprise Linux 73 Update Services for SAP Solutio ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 66 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 65 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...
Synopsis
Moderate: OpenShift Container Platform 448 openshift-enterprise-hyperkube-container security update
Type/Severity
Security Advisory: Moderate
Topic
An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 44Red Hat Product Security has rat ...
Synopsis
Important: Container-native Virtualization security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 240 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Securi ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sco ...
Synopsis
Moderate: OpenShift Container Platform 4236 ose-machine-config-operator-container security update
Type/Severity
Security Advisory: Moderate
Topic
An update for ose-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 42Red Hat Product Security has rated th ...
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Topic
An update for bind is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Syste ...
An issue has been found in bind before 9163, which does not sufficiently limit the number of fetches which may be performed while processing a referral response A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted refe ...