bind-9.8.2-0.68.8.0.1.rc1.AXS4

エラータID: AXSA:2020-735:07

Release date: 
Thursday, October 15, 2020 - 08:08
Subject: 
bind-9.8.2-0.68.8.0.1.rc1.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
Moderate
Description: 

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-8622
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. bind-9.8.2-0.68.8.0.1.rc1.AXS4.src.rpm
    MD5: 4706f159424a65ce3888975d4fc9af10
    SHA-256: 20c2d902683dbcca0a5aeec7fe196e54783b1ecea75c85ef3cb2dd32887cbce1
    Size: 8.49 MB

Asianux Server 4 for x86
  1. bind-9.8.2-0.68.8.0.1.rc1.AXS4.i686.rpm
    MD5: 348688f74797e7732304ebaf29d24c39
    SHA-256: 188cdd2cd8bdc3fd7b758fa8a9966946ed2c254fcb91eaca8937443b3c9c9c52
    Size: 4.00 MB
  2. bind-chroot-9.8.2-0.68.8.0.1.rc1.AXS4.i686.rpm
    MD5: 4d585b51dcefef7d655deb249667efe8
    SHA-256: 452df5413d12ace76a781aa22085ecbefdc16e1df40a5d1fc15332cb63efe183
    Size: 78.15 kB
  3. bind-libs-9.8.2-0.68.8.0.1.rc1.AXS4.i686.rpm
    MD5: 6cc580e044392a587c75f27a79c3eb69
    SHA-256: 9fba9e7cc6091c1298c96eb28fabc480e61bca2ddb914aef6256f2d47323be62
    Size: 904.14 kB
  4. bind-utils-9.8.2-0.68.8.0.1.rc1.AXS4.i686.rpm
    MD5: 2c9ce80dc0f956210f6b01d33705a987
    SHA-256: 481a13060efd4c8bf06e3e72d5197fe9a2ad935dfa0398da48281eb714cf138b
    Size: 188.50 kB

Asianux Server 4 for x86_64
  1. bind-9.8.2-0.68.8.0.1.rc1.AXS4.x86_64.rpm
    MD5: 3471c89cbe492e7bf6616f7b7e5c5332
    SHA-256: cce4dea6a310a17ab8d5038abe2a6acbf4349840362d905805305c37ba876a17
    Size: 4.00 MB
  2. bind-chroot-9.8.2-0.68.8.0.1.rc1.AXS4.x86_64.rpm
    MD5: 096c2d68fe878d0224f5f9f5c4f07de2
    SHA-256: bfacf3f010d0b601a8a242efa9662222287a17a4756f0af381713f583e1af315
    Size: 77.71 kB
  3. bind-libs-9.8.2-0.68.8.0.1.rc1.AXS4.x86_64.rpm
    MD5: 06dd80b41406dfb3cda5d36569d63ce8
    SHA-256: bdfed8ca175c2fbbb2dd6ebe6eebefb207d42a32270e2e88eb7b4dcdde017337
    Size: 892.33 kB
  4. bind-utils-9.8.2-0.68.8.0.1.rc1.AXS4.x86_64.rpm
    MD5: cf371833a38583f82ee64b827e425dc8
    SHA-256: ff42b458e34c9460722cc75e61c2d5f4e92df309e599afcc218b872b893a8d24
    Size: 189.09 kB
  5. bind-libs-9.8.2-0.68.8.0.1.rc1.AXS4.i686.rpm
    MD5: 6cc580e044392a587c75f27a79c3eb69
    SHA-256: 9fba9e7cc6091c1298c96eb28fabc480e61bca2ddb914aef6256f2d47323be62
    Size: 904.14 kB