bind-9.11.36-16.el8_10.8

エラータID: AXSA:2026-775:05

Release date: 
Wednesday, June 10, 2026 - 17:43
Subject: 
bind-9.11.36-16.el8_10.8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

* bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (CVE-2026-3039)
* bind: BIND: Denial of Service via specially crafted DNS messages (CVE-2026-5946)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-3039
BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
CVE-2026-5946
Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.

Solution: 

Update packages.

CVEs: 
CVE-2026-3039
BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
CVE-2026-5946
Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.
Additional Info: 

N/A

Download: 

SRPMS
  1. bind-9.11.36-16.el8_10.8.src.rpm
    MD5: 1aad6a17150f59724a035d26a993733a
    SHA-256: c7b8f7966d5eb141adc445f7297ba66e0a285684e34b5f49ae9c8530d5a4619e
    Size: 8.23 MB

Asianux Server 8 for x86_64
  1. bind-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: ccd2bfc83132b2b56ef98dac73d5fa2c
    SHA-256: 344d0f3df71452c15830f433a110c29fb36f722c8dde8f0f4fbbd2d8bbfcf7ff
    Size: 2.14 MB
  2. bind-chroot-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: 99ba2ee05e35ba38bd7f8ee54c35d9be
    SHA-256: 38f7e29b591f7453518464ac399b63d706fdb8458c22f3841232a7f7c6f7d1c0
    Size: 107.09 kB
  3. bind-devel-9.11.36-16.el8_10.8.i686.rpm
    MD5: 23bc0c6c0fd317beb0c4f5cd964b4fd4
    SHA-256: df428fe18d2e2d7709c164d2f530801b628e38c562957c0fc2d2507548152d1a
    Size: 179.63 kB
  4. bind-devel-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: 807386d05d47792fb6d2be2774910cb3
    SHA-256: efa7b41dff7322bec73b698d48079bed413dda30f9eb67d70dd4837b791e62d8
    Size: 179.61 kB
  5. bind-export-devel-9.11.36-16.el8_10.8.i686.rpm
    MD5: dd419bf9afce6fa5669e8bc918064875
    SHA-256: 95eca0b9d3835d9149f4f9a0df6f9a2f7690c3c7e4c507b473475929d918dc27
    Size: 409.29 kB
  6. bind-export-devel-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: 6b24890fe847110b20a24a44ddc27787
    SHA-256: 6ae8f16647411c6ef2d5067b9667b6bd937a1179f19461201429b90fb349c1a5
    Size: 409.30 kB
  7. bind-export-libs-9.11.36-16.el8_10.8.i686.rpm
    MD5: cfb60ad1f7702bca5413d6b6c01b261b
    SHA-256: b71e14b916af3ab156657f9b6eaf12d36425a7dcade09ebae805f8b76bcbd6be
    Size: 1.22 MB
  8. bind-export-libs-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: 55a370d3e3ad583889b2bafc3d4ceca4
    SHA-256: 2789e69079541ea8c7e710051288dd4bbb20d80494bbff41bc609e0cf2f392a2
    Size: 1.14 MB
  9. bind-libs-9.11.36-16.el8_10.8.i686.rpm
    MD5: 9d1aeb907ad55264d735afadde1602b1
    SHA-256: 8758882ea8baac95d1c8511f87f580cda76f25c3118833e33a80440fe93372dd
    Size: 182.20 kB
  10. bind-libs-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: fc40a83f43d895ded274be611fc7a2a5
    SHA-256: b364da4f5a924205f242e098e2748cf380ab35722f278965de3104cc97fc7b9c
    Size: 176.54 kB
  11. bind-libs-lite-9.11.36-16.el8_10.8.i686.rpm
    MD5: f5c1b40e9a0236bec4ec34e19a2918d0
    SHA-256: b28999bfa22dce8f1e0913ec1320e628c3853ac581f0ab5be887a5d4041121e7
    Size: 1.27 MB
  12. bind-libs-lite-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: d846a0d22bbb697548b5216bf32bf422
    SHA-256: 744000cbf6a1b492b12afb3216edc8b5f33ce6a2539fbcf9e5e8143cdfd098dd
    Size: 1.19 MB
  13. bind-license-9.11.36-16.el8_10.8.noarch.rpm
    MD5: 326e11f7cbaddb3eebf6ed5c9816966f
    SHA-256: 6fa2b851e6362c81c42cc3d471a18ba3d8e36295e74cba5e01164f0de01b59eb
    Size: 104.96 kB
  14. bind-lite-devel-9.11.36-16.el8_10.8.i686.rpm
    MD5: a9026e8b79a361491e1689810a0c92f4
    SHA-256: e53efdb668f8fa60c5684221bdb5d267dc915f4b57ba3908c9dcfeeed0ba8fe5
    Size: 402.50 kB
  15. bind-lite-devel-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: d4c9a8bdbf0b197c7e49844c5ea9164f
    SHA-256: dadb0dd39ba82a88a866f1bdbc6192eb2e951e9e5c4bcdf05ffabb47a8626e78
    Size: 402.52 kB
  16. bind-pkcs11-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: d3f6d1bbcf2e480e61eb25126c3f5da5
    SHA-256: e3cd03aeb23d840fa833f28134b0532f9de983b6d9936fd33754d3ec9ac2ba02
    Size: 400.64 kB
  17. bind-pkcs11-devel-9.11.36-16.el8_10.8.i686.rpm
    MD5: 2a5d5dc3a8f3166894b5ed6b02da02bc
    SHA-256: c9a9c06d97d34a496dd05b87441fb93a0c42736840f9374ae9e23a84075fabd2
    Size: 117.18 kB
  18. bind-pkcs11-devel-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: 048f3da8a8111e8f4c9336b72276bfab
    SHA-256: 674c1ab5fc6560b2a6dc4419d74ed07c96d53fefde0e45b97c42a43ab6b4126e
    Size: 117.18 kB
  19. bind-pkcs11-libs-9.11.36-16.el8_10.8.i686.rpm
    MD5: 08b71b6fef9f40d3075d7c157f6a75b0
    SHA-256: 7725e2551c1014f18d5f0cd14af9380090abd9eb4bdb2792067a9bcc361e8c5e
    Size: 1.21 MB
  20. bind-pkcs11-libs-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: f5b7f7955c45e56c22df45c0dbb76bcd
    SHA-256: 19b5b7c454d2bf9a058a1e92c2693bd46c8ca47aaac027d5a09dd8c74fc08b8f
    Size: 1.13 MB
  21. bind-pkcs11-utils-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: c76545630ae82c5fac378d12da314509
    SHA-256: f9e7b4754ae21d0dbc41fa2384893f06bf03434665dac3b120215a544423c6ed
    Size: 262.22 kB
  22. bind-sdb-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: ce4975d4ea82b08398381beed9f1aad1
    SHA-256: e0c6d76e27cc33e240d57f89d3902bf2a7a57c4a47cf08ff829c2a65433c9733
    Size: 460.25 kB
  23. bind-sdb-chroot-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: 2e7a6341a223c52bdfa6fd3966cf1908
    SHA-256: 8adb0f7637a486834ec417a4fa1e4b1f95753ea38f6fc38b077eae43c68e3fd2
    Size: 106.72 kB
  24. bind-utils-9.11.36-16.el8_10.8.x86_64.rpm
    MD5: 8965894f2fdbd27bf426ac7a784ae4b0
    SHA-256: addc9bfe524917e9fb2613b2b1c60a32b2220b9420d2bd039be312fafcfc60de
    Size: 453.60 kB
  25. python3-bind-9.11.36-16.el8_10.8.noarch.rpm
    MD5: 5402f2d83894b5c19c06fe5688ca4e87
    SHA-256: 0c927dc4db3cd1431e05f7862067aa805e10aa1ca4c6ae9828e7ff994d3cc2ec
    Size: 152.23 kB