Release Info

Advisory: CLSA-2021:1634922250

OS: Oracle Linux 6 ELS

Public date: 2021-10-22 00:00:00

Project: bind

Version: 9.8.2-0.68.rc1.el6_10.10.cloudlinux.els

Errata link: https://errata.cloudlinux.com/ol6/CLSA-2021-1634922250.html

Changelog

- A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) - A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack (CVE-2021-25216)

Update

Packages list

bind-sdb-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm bind-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.i686.rpm bind-utils-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64.rpm

CVEs

CVE-2021-25215
CVE-2021-25216
CVE-2021-25214