[SECURITY] [DLA 2355-1] bind9 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2355-1] bind9 security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 29 Aug 2020 23:30:34 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.20.2008292328420.22237@jupiter.server.alteholz.me>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2355-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
August 29, 2020                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : bind9
Version        : 1:9.10.3.dfsg.P4-12.3+deb9u7
CVE ID         : CVE-2020-8622 CVE-2020-8623


Two issues have been found in bind9, an Internet Domain Name Server.

CVE-2020-8622

     Crafted responses to TSIG-signed requests could lead to an assertion
     failure, causing the server to exit. This could be done by malicious
     server operators or guessing attackers.

CVE-2020-8623

     An assertions failure, causing the server to exit, can be exploited
     by a query for an RSA signed zone.


For Debian 9 stretch, these problems have been fixed in version
1:9.10.3.dfsg.P4-12.3+deb9u7.

We recommend that you upgrade your bind9 packages.

For the detailed security status of bind9 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bind9

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl9KyPpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcNPxAAkR780dtrjFfWfWQHUUb7SXxxCupMI+EI2nsC3ad6o2TfsZDe6eU6V5wX
KC2MDag8/ERJj4EvlLhsq4yLDT0qfRfA/d/+Q5huzOuBcpvU8OaIFwGIaMDgQQpp
A0gqX146bNmXEDku3WBZUlJu7nCvyRO6C7LRTKQCLekX9/CM47HAMYr03WnAImU1
Ab5VLwieGVT0vMGQcpUYjmxGUrGJaHTHlALnpO1TzBftvQzVIX9C+fjlHxh6/LSF
um87Wp8m3ixR80Vmqtof1DR6WIcFzaKLzwS0s2LijFPjvc4lV5uwh7oAcIt1S4J/
uwoeeMonDnEA+z+zg6+DsPce07feQw/enqp8ue0/bEMaOSeNu2gfwdRymqqr0yax
eVaWqrpL+3FfdjWP7a1UGGveUl5NGR9QkTJqGINiTaKdv71oQa+Pj3ghSx8Nwzr/
KoPsee7Q6RLB1uzu4qSvqaqTgEaXGiEybAKQRSA2/uBJFCqCRrUBY7UCt4pp/46r
vggwJuujKJm9xPpqK/eOH/0czDlJYC5OQbkzthrL8BE0iv1VQhZPxd5S5JXAHSOM
sp8TEyHkWKFeqB8Xp8XiVSOkq4k35wV0xYgMbGTukrK8AgGoveGk01r+pgKjDRfe
yTRUcJ3PyfhsleBc8PkBuL86D90jaD8gi8sH6Mh8NCz8VSUz+Aw=
=DQli
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2354-1] ndpi security update
Next by Date: [SECURITY] [DLA 2356-1] freerdp security update
Previous by thread: [SECURITY] [DLA 2354-1] ndpi security update
Next by thread: [SECURITY] [DLA 2356-1] freerdp security update
Index(es):
- Date
- Thread