bind-9.16.23-31.el9_6.2

エラータID: AXSA:2025-11077:11

Release date: 
Tuesday, November 11, 2025 - 19:46
Subject: 
bind-9.16.23-31.el9_6.2
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain
Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly.

Security Fix(es):

* Prevent cache poisoning due to weak PRNG (CVE-2025-40780)
* Address various spoofing attacks (CVE-2025-40778)

CVE-2025-40778
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
CVE-2025-40780
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

Solution: 

Update packages.

CVEs: 
CVE-2025-40778
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
CVE-2025-40780
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
Additional Info: 

N/A

Download: 

SRPMS
  1. bind-9.16.23-31.el9_6.2.src.rpm
    MD5: 2b74958330a53ba9ad417ae84693c15f
    SHA-256: 3e9d39bd91424066e709a6de4baadfbd2654671430e38fc8905175e712fc1ba5
    Size: 5.10 MB

Asianux Server 9 for x86_64
  1. bind-9.16.23-31.el9_6.2.x86_64.rpm
    MD5: a3334ae2cdb7e76ea882352dc70959e4
    SHA-256: e7a42e16a810d8519e23aeeaf975df2d1938f19ebf4ad2e7fd5dc0d811df8d5e
    Size: 500.54 kB
  2. bind-chroot-9.16.23-31.el9_6.2.x86_64.rpm
    MD5: 66fd171c796f60b6a14dda69fa333ecd
    SHA-256: d9e48cc5e37dac031c0fee07a93f801dd81d9042b0646eca5dc0594a6280581b
    Size: 16.16 kB
  3. bind-devel-9.16.23-31.el9_6.2.i686.rpm
    MD5: c942444c11940b53a875c17a039012cd
    SHA-256: 04c60248ca72d0d7c0a7c0465c193a3def84eaedfd2ba659fe24fc83266fb687
    Size: 359.65 kB
  4. bind-devel-9.16.23-31.el9_6.2.x86_64.rpm
    MD5: c31df223b74bb4f5b9279594c61e9faa
    SHA-256: 417a741a9fa091718de61d9b5ca23e1a9a26a6e7b6e1098e763d6ba07116b4f8
    Size: 359.64 kB
  5. bind-dnssec-doc-9.16.23-31.el9_6.2.noarch.rpm
    MD5: 3fb244e48700b389b9365ebb013f8997
    SHA-256: a5d48ffeaeaa5e6df43fb7fe739262a243a3bed94faaac857fe246a899f28a27
    Size: 44.74 kB
  6. bind-dnssec-utils-9.16.23-31.el9_6.2.x86_64.rpm
    MD5: 6593ced054df5b7eb34a4cdfeb2c89ec
    SHA-256: bc80e76f4702abf1564faa2291263d058e9550524c31e0a57f58d4630aec4d0e
    Size: 113.68 kB
  7. bind-doc-9.16.23-31.el9_6.2.noarch.rpm
    MD5: a4fc936281437ef0efc58cc0778caf1b
    SHA-256: 13e6db997e850809fec19f4e4e8b880a4b66ad1b13e45549ddbb8eaa38dc8173
    Size: 2.08 MB
  8. bind-libs-9.16.23-31.el9_6.2.i686.rpm
    MD5: 511c687008ccef98293fc7b22a917622
    SHA-256: 34b918bf4ebab62bd3c94bead7d440d9bae019a224b0add1160af84ead263009
    Size: 1.34 MB
  9. bind-libs-9.16.23-31.el9_6.2.x86_64.rpm
    MD5: d429381040087c878c5b28c426a24837
    SHA-256: 1f350593f600500f488410d144c11f729719c4c903199d2b3b6b28687f261ff5
    Size: 1.24 MB
  10. bind-license-9.16.23-31.el9_6.2.noarch.rpm
    MD5: 939aee2d88b25ce61d0e3e4d9779fa07
    SHA-256: c9a11229ad3d88323c328f8e96fade36c9ee5ebcaccf212558eef0d2da57e22c
    Size: 12.27 kB
  11. bind-utils-9.16.23-31.el9_6.2.x86_64.rpm
    MD5: df24b999900611b48f2468a11f062ce2
    SHA-256: ad590487302dbcc943de0c2bd452751ca2a83e20407910e828947b3960a9c63c
    Size: 207.19 kB
  12. python3-bind-9.16.23-31.el9_6.2.noarch.rpm
    MD5: 0363772cb71abe3e0b8b02ef7718819d
    SHA-256: fea930a4dc8ba1af856fefc3483c0aca1c01f043e09146f267a51303dbc2a234
    Size: 70.98 kB