BIND: Multiple vulnerabilities — GLSA 201903-13

Multiple vulnerabilities have been found in BIND, the worst of which could result in a Denial of Service condition.

Affected packages

net-dns/bind on all architectures
Affected versions < 9.12.1_p2-r1
Unaffected versions >= 9.12.1_p2-r1

Background

BIND (Berkeley Internet Name Domain) is a Name Server.

Description

Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details.

Impact

BIND can improperly permit recursive query service to unauthorized clients possibly resulting in a Denial of Service condition or to be used in DNS reflection attacks.

Workaround

There is no known workaround at this time.

Resolution

All bind users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-dns/bind-9.12.1_p2-r1"
 

References

Release date
March 14, 2019

Latest revision
March 14, 2019: 1

Severity
normal

Exploitable
remote

Bugzilla entries