bind9.18-9.18.29-4.el9_6.2

エラータID: AXSA:2025-11099:05

リリース日: 
2025/11/17 Monday - 21:25
題名: 
bind9.18-9.18.29-4.el9_6.2
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain
Name System) protocols. BIND includes a DNS server (named), which resolves host
names to IP addresses; a resolver library (routines for applications to use when
interfacing with DNS); and tools for verifying that the DNS server is operating
properly.

Security Fix(es):

bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778)
bind: Cache poisoning due to weak PRNG (CVE-2025-40780)
bind: Resource exhaustion via malformed DNSKEY handling (CVE-2025-8677)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE(s):
CVE-2025-8677
CVE-2025-40778
CVE-2025-40780

解決策: 

Update packages.

CVE: 
CVE-2025-40778
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
CVE-2025-40780
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
CVE-2025-8677
Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. bind9.18-9.18.29-4.el9_6.2.src.rpm
    MD5: c7c498586d5924351eb5dca8f63a7ae8
    SHA-256: 624d6b90a9d035a48655df80b9c79e420618e6d6d4e204342905b95dd0632f97
    Size: 5.47 MB

Asianux Server 9 for x86_64
  1. bind9.18-9.18.29-4.el9_6.2.x86_64.rpm
    MD5: 794179222c74b781d7f2545db29f1d56
    SHA-256: 52fb13f257746d598b2460754d2316cd9e026c42dd59a3c937ce5a740d6ffed2
    Size: 528.98 kB
  2. bind9.18-chroot-9.18.29-4.el9_6.2.x86_64.rpm
    MD5: 6784fe45dbe26f9dee4beed1d7b92554
    SHA-256: c7369163a7a91a725c5cc06d51dc833cba7617ca61822577d28a3d6acc2013f5
    Size: 15.73 kB
  3. bind9.18-devel-9.18.29-4.el9_6.2.i686.rpm
    MD5: 77f34126c24b5c978cf1c1799aa67a22
    SHA-256: 3b7ad8d08595d9d8429ee7c2ae2f07559d13b2bffdfb753540d1a3e0db96a081
    Size: 337.86 kB
  4. bind9.18-devel-9.18.29-4.el9_6.2.x86_64.rpm
    MD5: bb28b33ebc8ab39aeb7e091f2537ea35
    SHA-256: 43e77a84e2a68f2fccab541d1e1887e276ee7b65757d6383898400f39f0f693f
    Size: 337.93 kB
  5. bind9.18-dnssec-utils-9.18.29-4.el9_6.2.x86_64.rpm
    MD5: 01a4486ff7d921485d0f7a9c2f6de518
    SHA-256: 59133d72058afddb28145a77613e9867c4d7241c06ed704c56603d77e5b56b9a
    Size: 149.42 kB
  6. bind9.18-doc-9.18.29-4.el9_6.2.noarch.rpm
    MD5: 0439c640dd8c94f877dc42211899963f
    SHA-256: 805dd517dcb70becbc1047508da09b71830b9f3656ec40ec3b559e7edb51fae6
    Size: 2.70 MB
  7. bind9.18-libs-9.18.29-4.el9_6.2.i686.rpm
    MD5: f38332b72def31eba3828c12a14046e4
    SHA-256: f88e64501846634e20437bcdc7e7d50e5243bac41c30dde9c78e54d7a74652e3
    Size: 1.34 MB
  8. bind9.18-libs-9.18.29-4.el9_6.2.x86_64.rpm
    MD5: 039a747c93c338fa997d7b69e96c4c8f
    SHA-256: 6533be9e5387cf24e5efc29f18ef39d75cffb404535c9ca2c0f71d6c2b002219
    Size: 1.25 MB
  9. bind9.18-utils-9.18.29-4.el9_6.2.x86_64.rpm
    MD5: 9386a5506e76db2c5e0ed46b494d9b88
    SHA-256: a270c3a1650160417fe6c5585ea7cdae0620ed8d2e04550d8a860228b8e28a69
    Size: 223.11 kB