Updated bind packages fix security vulnerabilities
Publication date: 15 Feb 2024Modification date: 15 Feb 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-4408 , CVE-2023-5517 , CVE-2023-5679 , CVE-2023-50387 , CVE-2023-50868
Description
The updated packages fix security vulnerabilities:
Parsing large DNS messages may cause excessive CPU load. (CVE-2023-4408)
Querying RFC 1918 reverse zones may cause an assertion failure when
"nxdomain-redirect" is enabled. (CVE-2023-5517)
Enabling both DNS64 and serve-stale may cause an assertion failure
during recursive resolution. (CVE-2023-5679)
KeyTrap - Extreme CPU consumption in DNSSEC validator. (CVE-2023-50387)
Preparing an NSEC3 closest encloser proof can exhaust CPU resources.
(CVE-2023-50868)
References
- https://bugs.mageia.org/show_bug.cgi?id=32846
- https://kb.isc.org/docs/cve-2023-4408
- https://kb.isc.org/docs/cve-2023-5517
- https://kb.isc.org/docs/cve-2023-5679
- https://kb.isc.org/docs/cve-2023-50387
- https://kb.isc.org/docs/cve-2023-50868
- https://downloads.isc.org/isc/bind9/9.18.24/doc/arm/html/notes.html#notes-for-bind-9-18-24
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
SRPMS
9/core
- bind-9.18.15-2.3.mga9