[SECURITY] Fedora 37 Update: bind-9.18.19-1.fc37 - package-announce - Fedora mailing-lists

11 Oct 2023


      --------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-87502c4a93
2023-10-11 01:33:15.490299
--------------------------------------------------------------------------------
Name        : bind
Product     : Fedora 37
Version     : 9.18.19
Release     : 1.fc37
URL         : https://www.isc.org/downloads/bind/
Summary     : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.
--------------------------------------------------------------------------------
Update Information:
# BIND 9.18.19  ##Security Fixes  -    Previously, sending a specially crafted
message over the control channel could cause the packet-parsing code to run out
of available stack memory, causing named to terminate unexpectedly. This has
been fixed.
([CVE-2023-3341](https://access.redhat.com/security/cve/CVE-2023-3341)) -    A
flaw in the networking code handling DNS-over-TLS queries could cause named to
terminate unexpectedly due to an assertion failure under significant DNS-over-
TLS query load. This has been fixed.
([CVE-2023-4236](https://access.redhat.com/security/cve/CVE-2023-4236)) -
[Upstream release notes](https://downloads.isc.org/isc/bind9/9.18.19/doc/arm/htm
l/notes.html#notes-for-bind-9-18-19)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Sep 22 2023 Petr Men����k pemensik@redhat.com - 32:9.18.19-1
- Update to 9.18.19 (#2232346)
* Fri Sep 22 2023 Petr Men����k pemensik@redhat.com - 32:9.18.18-2
- Skip failing rbtdb_test unit test on i686 (#2240253)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2232346 - bind-9.18.19 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2232346
  [ 2 ] Bug #2239874 - CVE-2023-3341 bind: insufficient input validation may lead to DoS [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2239874
  [ 3 ] Bug #2239877 - CVE-2023-4236 bind: an assertion failure may lead to DoS [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2239877
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-87502c4a93' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------