Headline
RHSA-2023:4005: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-2828: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly.
Synopsis
Important: bind security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for bind is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
- bind: named’s configured cache size limit can be significantly exceeded (CVE-2023-2828)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
- BZ - 2216227 - CVE-2023-2828 bind: named’s configured cache size limit can be significantly exceeded
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
x86_64
bind-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: fa189e69829a3e19736860548f405a188cfea9685c9eea641493d5bffa2f1d96
bind-chroot-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 6ab9af5576b4ae068f91934969aae03f600fdbac2db3f7c159c197f738c85751
bind-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 37644b8e63c3b860c09ffe71e157354c549923cf586b3c3b57e49e39d864f217
bind-debugsource-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 089f580eaedb23fbddb2922f9673b3bacfc33c802e650c224911d178743f7708
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 7e79a42044f1c6b6bc7d08fbe7bc7c753a0f1a276de648e00ffad8fb7e3a6711
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: d145a24012c6cbc2c41161653091501a0a647ed97c399b537676158a5639f618
bind-libs-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: b42d2b9b0a9685cedce5016f5181aea220e4b5c74b58080154719cd8ae8541f4
bind-libs-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 900d57840309ea055db336f5104051bdd58854e098084a84eae66003b1af32eb
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 0b944fc8491610392c36cbbf3b53af3bb341b78651ffe28be375785fb0d884bf
bind-utils-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 96634f95914bbdb98f982e99f105aaa67449ac57d0aec882a145152e7f6d6210
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
s390x
bind-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 038c4fa6965dafc2d86fe6c7bc95eb70642a9f18b8c6b6742a7a98c457413c42
bind-chroot-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 5fa2864af6a14945ae95acc5cf46b7276cc0b0f2515bac7534938164c0d2ee2a
bind-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 22169909a6b6e3e7da42606ff047a53342c73f37e330b5fbcb1eff45338bc3a1
bind-debugsource-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: f3baed66598b59780529c8d8105ce0dc484d0a395584b0588460331e2aa41290
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: cbd8ada96a6ca091c408438a21168478f46002cf8845a032f76ff45bf635cc27
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: f305402ed76ed1544f9d877f2e636a3791df785a9b14100efd853be17e7c8939
bind-libs-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 32ec4ff09f5c36923ebc6b7a55d09c5e9411d2a9029f0a21fa56596c75d2ba85
bind-libs-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 5baa889364c5e02dd73d7ff2ef13e2ae6a8095fd7e57a81a75611c4f5f177226
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: ec4db502ee6f2464df232d0fe50777977943130ced45ee4c0137bad4a710f5da
bind-utils-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: b31642aeb81b8adea5cc5ace0794bb7b30c9f0bee390d5de94b44e49dedb47e2
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
ppc64le
bind-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: b0ed7059ca20e705b26747e570eb11e769063f6c89a8851b2e81073e16acff84
bind-chroot-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: b7952a733b51cb390bf40f96f0f9776880f726a4b7a1af60712cac1a4e0f00df
bind-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 268c825604e546b0c80d76b98112dfb0460d0e3d706e111f3346a2a1001b98d4
bind-debugsource-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: e147e3e68bc6be31e7f5dc44db9daf8f38a3992f5b51c2214f149841dcf53f19
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 2be8b40f8dce0a10de48aa6851802c6be910119d28fcc136dc8ac3ec7e15dc8c
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 56ab80a81583a826e47866ea4678387059528012cbaf13e97288e89f9816ab0b
bind-libs-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 7ad73acd20464f5af0394ebe4d65233759c111225818f0ae04a9e4f1044dfb46
bind-libs-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 00089f76c0e6e79f14403deed7afcf26d74f0ef3b593f32f95bf00baa5ef2485
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 8643167c862ece6c8dfa4147d17c40f64363b1e2baeb21a643007bc55c1afa26
bind-utils-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 1e9b805eae7a63348be7c2001f2f971d93b79135babd9854cfd0813db379bf66
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
aarch64
bind-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 9004123175e934428053ae5db6b7ed1d92c415df2b546dc2bb19afa0704ada5e
bind-chroot-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 4558435a8376ae7381de797906af403199b927d255b9ea417fc60eba52f2d69d
bind-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: b5d937928bea539754792d0b78c7b075b5ac752e8207729696781699d8ef048e
bind-debugsource-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: e780cb4d7373bab0ccf7bb3b8c46acfc5896072dfc2047a28328d04ad188f824
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: cd6c650bdbc2b098adbfac454e73ac11ef10c57ad83309a8c5ea19e2c930782b
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 3960a6f3b1e21c86999c29209ebd38d696382a67b02cb73435e054bcefa48a2c
bind-libs-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 7223bcb1aff38d3c81a323ad5f72947a9abba012fdef573f66d69137676c3056
bind-libs-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 25286e9980add504c5c6368e8e218904304a5a0cc6fb505ee2d622982a629941
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 4b35ce0c438e5e4126d4f4c711402f662a435301e6ce280368f5937f3b0502e3
bind-utils-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 8cc4ae7434cc4225054dad0dc807d77fcd095cb47bcfea19b52ee610fee2cd54
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
ppc64le
bind-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: b0ed7059ca20e705b26747e570eb11e769063f6c89a8851b2e81073e16acff84
bind-chroot-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: b7952a733b51cb390bf40f96f0f9776880f726a4b7a1af60712cac1a4e0f00df
bind-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 268c825604e546b0c80d76b98112dfb0460d0e3d706e111f3346a2a1001b98d4
bind-debugsource-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: e147e3e68bc6be31e7f5dc44db9daf8f38a3992f5b51c2214f149841dcf53f19
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 2be8b40f8dce0a10de48aa6851802c6be910119d28fcc136dc8ac3ec7e15dc8c
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 56ab80a81583a826e47866ea4678387059528012cbaf13e97288e89f9816ab0b
bind-libs-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 7ad73acd20464f5af0394ebe4d65233759c111225818f0ae04a9e4f1044dfb46
bind-libs-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 00089f76c0e6e79f14403deed7afcf26d74f0ef3b593f32f95bf00baa5ef2485
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 8643167c862ece6c8dfa4147d17c40f64363b1e2baeb21a643007bc55c1afa26
bind-utils-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 1e9b805eae7a63348be7c2001f2f971d93b79135babd9854cfd0813db379bf66
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
x86_64
bind-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: fa189e69829a3e19736860548f405a188cfea9685c9eea641493d5bffa2f1d96
bind-chroot-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 6ab9af5576b4ae068f91934969aae03f600fdbac2db3f7c159c197f738c85751
bind-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 37644b8e63c3b860c09ffe71e157354c549923cf586b3c3b57e49e39d864f217
bind-debugsource-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 089f580eaedb23fbddb2922f9673b3bacfc33c802e650c224911d178743f7708
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 7e79a42044f1c6b6bc7d08fbe7bc7c753a0f1a276de648e00ffad8fb7e3a6711
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: d145a24012c6cbc2c41161653091501a0a647ed97c399b537676158a5639f618
bind-libs-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: b42d2b9b0a9685cedce5016f5181aea220e4b5c74b58080154719cd8ae8541f4
bind-libs-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 900d57840309ea055db336f5104051bdd58854e098084a84eae66003b1af32eb
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 0b944fc8491610392c36cbbf3b53af3bb341b78651ffe28be375785fb0d884bf
bind-utils-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 96634f95914bbdb98f982e99f105aaa67449ac57d0aec882a145152e7f6d6210
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0
SRPM
x86_64
bind-debuginfo-9.16.23-1.el9_0.2.i686.rpm
SHA-256: e744b40f80e4cfddb596f6619240f67ed03f53c68a6bd0e6682fa1801fa1e0bd
bind-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 37644b8e63c3b860c09ffe71e157354c549923cf586b3c3b57e49e39d864f217
bind-debugsource-9.16.23-1.el9_0.2.i686.rpm
SHA-256: 5c71a0fdc44037bfd43a20fd47ed1cd745f5198202773bd392627edc4274d8ae
bind-debugsource-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 089f580eaedb23fbddb2922f9673b3bacfc33c802e650c224911d178743f7708
bind-devel-9.16.23-1.el9_0.2.i686.rpm
SHA-256: 9274e95c240af5900a8b5d5a0d3ffb3f384a658d1b0a855416bfa916c3450dc7
bind-devel-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 7c3080451388f4705ffbd0841bc960941ea4aef768fa569ff55cd4b437e8a743
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.i686.rpm
SHA-256: 1db59bed9ff69b43b0bd24772f340554e0fc9dbb8682f024c639f6539ee700cf
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: d145a24012c6cbc2c41161653091501a0a647ed97c399b537676158a5639f618
bind-libs-9.16.23-1.el9_0.2.i686.rpm
SHA-256: a52b3677f316a115924ee6bdf5d706c173bd352473135751b206b0adc6a657ad
bind-libs-debuginfo-9.16.23-1.el9_0.2.i686.rpm
SHA-256: e3f12372af460943c31c4b132482796ed79fe0bf17d4242c489ef5e734a75327
bind-libs-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 900d57840309ea055db336f5104051bdd58854e098084a84eae66003b1af32eb
bind-utils-debuginfo-9.16.23-1.el9_0.2.i686.rpm
SHA-256: d611dfc8c631451a1ec23da10f6f425e783791bf32241109cb3fb67e82ca26e5
bind-utils-debuginfo-9.16.23-1.el9_0.2.x86_64.rpm
SHA-256: 96634f95914bbdb98f982e99f105aaa67449ac57d0aec882a145152e7f6d6210
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0
SRPM
ppc64le
bind-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 268c825604e546b0c80d76b98112dfb0460d0e3d706e111f3346a2a1001b98d4
bind-debugsource-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: e147e3e68bc6be31e7f5dc44db9daf8f38a3992f5b51c2214f149841dcf53f19
bind-devel-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: a11328290c7abdfe623675ce3ff39cf8aa733deca6fb86e45e2fab03ab19bc9c
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 56ab80a81583a826e47866ea4678387059528012cbaf13e97288e89f9816ab0b
bind-libs-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 00089f76c0e6e79f14403deed7afcf26d74f0ef3b593f32f95bf00baa5ef2485
bind-utils-debuginfo-9.16.23-1.el9_0.2.ppc64le.rpm
SHA-256: 1e9b805eae7a63348be7c2001f2f971d93b79135babd9854cfd0813db379bf66
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0
SRPM
s390x
bind-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 22169909a6b6e3e7da42606ff047a53342c73f37e330b5fbcb1eff45338bc3a1
bind-debugsource-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: f3baed66598b59780529c8d8105ce0dc484d0a395584b0588460331e2aa41290
bind-devel-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 45b8d51f9d15efaed705c96b8b59481b77120e40553c8bcb031e8025d7e39577
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: f305402ed76ed1544f9d877f2e636a3791df785a9b14100efd853be17e7c8939
bind-libs-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 5baa889364c5e02dd73d7ff2ef13e2ae6a8095fd7e57a81a75611c4f5f177226
bind-utils-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: b31642aeb81b8adea5cc5ace0794bb7b30c9f0bee390d5de94b44e49dedb47e2
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0
SRPM
aarch64
bind-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: b5d937928bea539754792d0b78c7b075b5ac752e8207729696781699d8ef048e
bind-debugsource-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: e780cb4d7373bab0ccf7bb3b8c46acfc5896072dfc2047a28328d04ad188f824
bind-devel-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 5c9851d9fe12c6675aab874b426033f9c4192a549f980e0ccdfeffc2d5a29fbe
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 3960a6f3b1e21c86999c29209ebd38d696382a67b02cb73435e054bcefa48a2c
bind-libs-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 25286e9980add504c5c6368e8e218904304a5a0cc6fb505ee2d622982a629941
bind-utils-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 8cc4ae7434cc4225054dad0dc807d77fcd095cb47bcfea19b52ee610fee2cd54
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
aarch64
bind-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 9004123175e934428053ae5db6b7ed1d92c415df2b546dc2bb19afa0704ada5e
bind-chroot-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 4558435a8376ae7381de797906af403199b927d255b9ea417fc60eba52f2d69d
bind-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: b5d937928bea539754792d0b78c7b075b5ac752e8207729696781699d8ef048e
bind-debugsource-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: e780cb4d7373bab0ccf7bb3b8c46acfc5896072dfc2047a28328d04ad188f824
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: cd6c650bdbc2b098adbfac454e73ac11ef10c57ad83309a8c5ea19e2c930782b
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 3960a6f3b1e21c86999c29209ebd38d696382a67b02cb73435e054bcefa48a2c
bind-libs-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 7223bcb1aff38d3c81a323ad5f72947a9abba012fdef573f66d69137676c3056
bind-libs-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 25286e9980add504c5c6368e8e218904304a5a0cc6fb505ee2d622982a629941
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 4b35ce0c438e5e4126d4f4c711402f662a435301e6ce280368f5937f3b0502e3
bind-utils-debuginfo-9.16.23-1.el9_0.2.aarch64.rpm
SHA-256: 8cc4ae7434cc4225054dad0dc807d77fcd095cb47bcfea19b52ee610fee2cd54
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0
SRPM
bind-9.16.23-1.el9_0.2.src.rpm
SHA-256: d079fada890e34fa3a50cbc7b28bf88d4db356da38037be3bee67a9440dd5e51
s390x
bind-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 038c4fa6965dafc2d86fe6c7bc95eb70642a9f18b8c6b6742a7a98c457413c42
bind-chroot-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 5fa2864af6a14945ae95acc5cf46b7276cc0b0f2515bac7534938164c0d2ee2a
bind-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 22169909a6b6e3e7da42606ff047a53342c73f37e330b5fbcb1eff45338bc3a1
bind-debugsource-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: f3baed66598b59780529c8d8105ce0dc484d0a395584b0588460331e2aa41290
bind-dnssec-doc-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: b20b4b7047788be2197a3199fbf07e845f5969edfc80e120b8800d0fb490cb57
bind-dnssec-utils-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: cbd8ada96a6ca091c408438a21168478f46002cf8845a032f76ff45bf635cc27
bind-dnssec-utils-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: f305402ed76ed1544f9d877f2e636a3791df785a9b14100efd853be17e7c8939
bind-libs-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 32ec4ff09f5c36923ebc6b7a55d09c5e9411d2a9029f0a21fa56596c75d2ba85
bind-libs-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: 5baa889364c5e02dd73d7ff2ef13e2ae6a8095fd7e57a81a75611c4f5f177226
bind-license-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: ba135b7d5e9fa0ce1eaae6d112adcd5c41583c3c5da92f0a8d9407b5adc75054
bind-utils-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: ec4db502ee6f2464df232d0fe50777977943130ced45ee4c0137bad4a710f5da
bind-utils-debuginfo-9.16.23-1.el9_0.2.s390x.rpm
SHA-256: b31642aeb81b8adea5cc5ace0794bb7b30c9f0bee390d5de94b44e49dedb47e2
python3-bind-9.16.23-1.el9_0.2.noarch.rpm
SHA-256: 42862e1c7f2bdec5fc829991aca12efa30a42ae458c62827466ba2dfed7e3db8
Related news
Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution. The Australian software services provider said that the four high-severity flaws were fixed in new versions shipped last month. This includes - CVE-2022-25647 (CVSS score: 7.5) - A deserialization
Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.
Multicluster Engine for Kubernetes 2.1.8 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37466: A flaw was found in the vm2 Promise handler sanitization, which allows attackers to esc...
The Migration Toolkit for Containers (MTC) 1.7.12 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-24532: A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.
Multicluster Engine for Kubernetes 2.2.7 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37903: A flaw was found in the vm2 custom inspect function, which allows attackers to escape t...
Red Hat Security Advisory 2023-4625-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Red Hat OpenShift Service Mesh 2.3.6 Containers Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35941: A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter's HMAC check. * CVE-2023-35942: A flaw was found in Envoy, where gRPC access lo...
Red Hat OpenShift Service Mesh 2.4.2 Containers Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35941: A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter's HMAC check. * CVE-2023-35943: A flaw was found in Envoy. Suppose an origin he...
Red Hat Security Advisory 2023-4310-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.46. Issues addressed include denial of service and out of bounds read vulnerabilities.
An update for bind is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2828: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a ...
Red Hat Security Advisory 2023-4226-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.6.
Red Hat Security Advisory 2023-4225-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.6.
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Red Hat Security Advisory 2023-4152-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
Red Hat Security Advisory 2023-4153-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2828: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly.
An update for bind is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2828: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, ef...
An update for bind is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2828: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly.
Red Hat Security Advisory 2023-4037-01 - An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
An update for bind9.16 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2828: A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly.
Red Hat Security Advisory 2023-4005-02 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
Debian Linux Security Advisory 5439-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867 and CVE-2023-20887), and one shortcoming impacting Zyxel
Ubuntu Security Notice 6183-1 - Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled the cache size limit. A remote attacker could possibly use this issue to consume memory, leading to a denial of service. It was discovered that Bind incorrectly handled the recursive-clients quota. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04.
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9...