Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2020-8619 It was discovered that an asterisk character in an empty non- terminal can cause an assertion failure, resulting in denial of service. CVE-2020-8622 Dave Feldman, Jeff Warren, and Joel Cunningham reported that a truncated TSIG response can lead to an assertion failure, resulting in denial of service. CVE-2020-8623 Lyu Chiy reported that a flaw in the native PKCS#11 code can lead to a remotely triggerable assertion failure, resulting in denial of service. CVE-2020-8624 Joop Boonen reported that update-policy rules of type quot;subdomainquot; are enforced incorrectly, allowing updates to all parts of the zone along with the intended subdomain.