-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-f9dcd4e9d5 2020-06-04 02:49:07.898534 --------------------------------------------------------------------------------
Name : bind Product : Fedora 31 Version : 9.11.19 Release : 1.fc31 URL : https://www.isc.org/downloads/bind/ Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly.
-------------------------------------------------------------------------------- Update Information:
Latest minor release with security updates. - [Upstream release notes](https://downloads.isc.org/isc/bind9/9.11.19/RELEASE-NOTES- bind-9.11.19.html) -------------------------------------------------------------------------------- ChangeLog:
* Fri May 15 2020 Petr Men����k pemensik@redhat.com - 32:9.11.19-1 - Update to 9.11.19 (CVE-2020-8616, CVE-2020-8617) - Make initscripts just optional dependency * Thu Apr 16 2020 Petr Men����k pemensik@redhat.com - 32:9.11.18-1 - Update to 9.11.18 * Tue Mar 31 2020 Petr Men����k pemensik@redhat.com - 32:9.11.17-1 - Update to 9.11.17 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1831841 - bind: DNS rebinding protection is ineffective when BIND is configured as a forwarding DNS server [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1831841 [ 2 ] Bug #1837286 - bind-9.11.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1837286 [ 3 ] Bug #1837325 - CVE-2020-8616 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1837325 [ 4 ] Bug #1837326 - CVE-2020-8617 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1837326 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-f9dcd4e9d5' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org