The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: truncated TSIG response can lead to an assertion failure * bind: remotely triggerable assertion failure in pk11.c * bind: incorrect enforcement of update-policy rules of type quot;subdomainquot; For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * BIND stops DNSKEY lookup in get_dst_key when a key with unsupported algorithm is found first [RHEL7]