DSA-4752-1 bind9 -- bind9ID: oval:org.secpod.oval:def:66745 | Date: (C)2020-11-09 (M)2024-01-16 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2020-8619 It was discovered that an asterisk character in an empty non- terminal can cause an assertion failure, resulting in denial of service. CVE-2020-8622 Dave Feldman, Jeff Warren, and Joel Cunningham reported that a truncated TSIG response can lead to an assertion failure, resulting in denial of service. CVE-2020-8623 Lyu Chiy reported that a flaw in the native PKCS#11 code can lead to a remotely triggerable assertion failure, resulting in denial of service. CVE-2020-8624 Joop Boonen reported that update-policy rules of type quot;subdomainquot; are enforced incorrectly, allowing updates to all parts of the zone along with the intended subdomain.