bind-9.11.36-16.el8_10.2
エラータID: AXSA:2024-8688:02
リリース日:
2024/08/21 Wednesday - 10:43
題名:
bind-9.11.36-16.el8_10.2
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- BIND には、大量のリソースレコードを持つホストへの
レコードの追加や更新時に、リゾルバキャッシュや権限
ゾーンデータベースのアクセス速度が意図せず低下して
しまう問題があるため、リモートの攻撃者により、
サービス拒否攻撃を可能とする脆弱性が存在します。
(CVE-2024-1737)
- BIND には、"KEY" リソースレコードを含むゾーンを
管理している場合、もしくは DNSSEC 検証機能を用いて
"KEY" リソースレコードを検証する場合に、リモートの
攻撃者により、SIG(0) 署名が含まれるように細工された
リクエストの送信を介して、サービス拒否攻撃 (CPU
リソース枯渇) を可能とする脆弱性が存在します。
(CVE-2024-1975)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-1737
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
CVE-2024-1975
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.
追加情報:
N/A
ダウンロード:
SRPMS
- bind-9.11.36-16.el8_10.2.src.rpm
MD5: 1ad8ae26231951f0b18ee6654a299b2d
SHA-256: 6501f4d6ec4f38c0810969d5a7d36e6298f60a6dfae3bde3620636511c0599f8
Size: 8.20 MB
Asianux Server 8 for x86_64
- bind-9.11.36-16.el8_10.2.x86_64.rpm
MD5: fbe4754531f981318f450da3a7fa9ede
SHA-256: 5f8b95439608c83d0c03251856e2b6aaa88b7c1d9ee77c2cdaf8598e9ed5bc71
Size: 2.13 MB - bind-chroot-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 733676b99904e09ea21c2cbfec239033
SHA-256: 90ac1bfcd85d3b8acd7d9afe0d2067e8e9c001581f7d3cd0b46e0578cadfc9e9
Size: 106.21 kB - bind-devel-9.11.36-16.el8_10.2.i686.rpm
MD5: 667f2c6eebf5543d3481de2c04c9a025
SHA-256: 6f9cff2f1be2b3f8e591092e96ba4fec47926181cdf52998b4ff6aaf55899f3d
Size: 178.74 kB - bind-devel-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 4509abbc96c639fc76dc7fed4a8fbbb9
SHA-256: cf3eb750c7b96ee3e0cbadb07e2c7a8a4f3a48fe09703b039fec6ada14b01cd1
Size: 178.74 kB - bind-export-devel-9.11.36-16.el8_10.2.i686.rpm
MD5: c4bf127b52afe6d61e8d657b0ce874e5
SHA-256: b2e7cfa77107d395075b1d401fae4f9717fe55c430d3e4db7621c0d56e3ed365
Size: 408.14 kB - bind-export-devel-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 298c9d245668c3c81498c9a8b1188dd7
SHA-256: 93bff9be764788a13053d0287fedbdd81bed829cf988ef4a2ff5dcaac20a3efe
Size: 408.16 kB - bind-export-libs-9.11.36-16.el8_10.2.i686.rpm
MD5: 3c25e866146ca277216f36d30d5d3397
SHA-256: 84af3aa72e44f085117b4097bd4a19d8d9de397ae82ef0367de4884307656427
Size: 1.21 MB - bind-export-libs-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 7b0f0791d0d27b5532532b1c8fdd390c
SHA-256: 7f2f4c689e6383f5aa2c0cc42d5e1ad36e7fe2817da621f2d7a2fdee3c717f05
Size: 1.14 MB - bind-libs-9.11.36-16.el8_10.2.i686.rpm
MD5: 79113e1fbb4e61436ff5a2dc3138901e
SHA-256: f81379226c2ab52a50153e140c692bf86a7416d1082327bf3d0911c66dd49588
Size: 181.24 kB - bind-libs-9.11.36-16.el8_10.2.x86_64.rpm
MD5: bc2fc23d7e58cf84d92ea6c40512c935
SHA-256: ad743cd978630357d4a171639055d54c3acdadeb519f2b518bf3fa7af7fd41a7
Size: 175.66 kB - bind-libs-lite-9.11.36-16.el8_10.2.i686.rpm
MD5: 30551edcf3d27fb89afe841b9e6ee4fa
SHA-256: 4a2646373f863c212f471f96b7087d30774b23fc80fbbcfe6defb872d4608e86
Size: 1.27 MB - bind-libs-lite-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 0e46aef22d2ac5e0152022b9ae92b2e6
SHA-256: cc02c2598e427e2b0da88de0a613a64642542ea4ed9f1dc36f93861d6a21811c
Size: 1.19 MB - bind-license-9.11.36-16.el8_10.2.noarch.rpm
MD5: 32351f4b9eba748d78bac6238648d97c
SHA-256: 3de1f242e5379376cd69ae2a78d7458699954c6b43a315eaab0b0cfa583fde93
Size: 104.08 kB - bind-lite-devel-9.11.36-16.el8_10.2.i686.rpm
MD5: 00bcff25d74d35d5f66066a45b41b719
SHA-256: cd7b1e7a7bb6bc9e9aabe518331c57a0e55546ce3e404a370005749913fc05a9
Size: 401.39 kB - bind-lite-devel-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 5fad598487bec7dd214401cb522092aa
SHA-256: c631d4f936c2f77ace39fbfd13c83f7c535da6bc62a6ef9ada8a775a956681d4
Size: 401.38 kB - bind-pkcs11-9.11.36-16.el8_10.2.x86_64.rpm
MD5: c49aaef189658ad3f3be9f0063cc5d97
SHA-256: 0ab9b734997589908d4bf985910a5e0edff755917ed91a7572268ee361026577
Size: 399.54 kB - bind-pkcs11-devel-9.11.36-16.el8_10.2.i686.rpm
MD5: 2225ad6a3bc9fbae1da525fb74ccda88
SHA-256: 81a356f1d897f3c04b6d7674287f2fdc7f8413d2d9e600690be403a24f425cbf
Size: 116.30 kB - bind-pkcs11-devel-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 00ef331ab364cbcf185aece83e8b3d7e
SHA-256: e1ae589e3278bb8bea9fb8cbe1480188b030f6899212e4897fd730d89cfa91ed
Size: 116.29 kB - bind-pkcs11-libs-9.11.36-16.el8_10.2.i686.rpm
MD5: a998b776cb7f08f37af166498055a8ff
SHA-256: 9bfb0e18de25dd823c3e3fdb4d3cdcae3e234724e783fc507defd96cb7b9af79
Size: 1.21 MB - bind-pkcs11-libs-9.11.36-16.el8_10.2.x86_64.rpm
MD5: f4089db7414b20d5e24f7c42636d069a
SHA-256: fd8a2d2d19772a9e337a2acb244ae605c531220489923d9ac7c113dc67d17410
Size: 1.13 MB - bind-pkcs11-utils-9.11.36-16.el8_10.2.x86_64.rpm
MD5: f5aabb5fb3c2cdb1bd43b0f2d641b3d4
SHA-256: 0a67b0b346624878747d1aeb2ff1be99f641a3b47316f21260ccdad669d64884
Size: 261.34 kB - bind-sdb-9.11.36-16.el8_10.2.x86_64.rpm
MD5: 5419cacc7f22f9b030bb4616f890834c
SHA-256: 59b73746b6d99bf6e4dcf74777e57b9a5b7f41b94b56887359faf300d56b010c
Size: 459.36 kB - bind-sdb-chroot-9.11.36-16.el8_10.2.x86_64.rpm
MD5: a6180e1fd17b103c7b42f6a5bd29bdbd
SHA-256: 6b43fda233d862daaeab49c2d5a60afb09c65ebb57c434b54c61b6393fdf34b5
Size: 105.84 kB - bind-utils-9.11.36-16.el8_10.2.x86_64.rpm
MD5: a1626741d4d1ca4760010fb40db8682e
SHA-256: 9e402815268e0cbc279fcded7cc8a2576ae53a9ff81901f13fefb4663ef48b7d
Size: 452.92 kB - python3-bind-9.11.36-16.el8_10.2.noarch.rpm
MD5: 8fd721847a88a066ecf29828a4084811
SHA-256: bfe1dab6ccc7ae1c5f63aad4f1e2fdaaf5b449f825399dd1edf131d07220abef
Size: 151.36 kB
English