Synopsis

Important: bind security update

Type/Severity

Security Advisory: Important

Topic

An update for bind is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

• bind: processing of certain records when "deny-answer-aliases" is in use may trigger an assert leading to a denial of service (CVE-2018-5740)
  

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted automatically.

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux for Scientific Computing 6 x86_64

Fixes

• BZ - 1613595 - CVE-2018-5740 bind: processing of certain records when "deny-answer-aliases" is in use may trigger an assert leading to a denial of service

CVEs

• CVE-2018-5740

References

• https://access.redhat.com/security/updates/classification/#important
• https://kb.isc.org/article/AA-01639

Red Hat Enterprise Linux Server 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.1.src.rpm	SHA-256: a18268bbca7f84677133bdc2d226820371fb3532febd760b5b42721c3076b185
x86_64
bind-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: ac1634d98099fe4b795e92f301415dbaa42698f583b1f714b28336b638c96e7f
bind-chroot-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5f286140ca54291d033410f25e9e3bdf63002996410495cdf52d72cad9a41311
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 8732d4292d6ffdcf0c95f86cb4ef73446dcbd0c52c5d6b7f8883a0ead6dafaa9
bind-devel-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: f6c53047b85c3f34101171540616d2856896580f1f0c7a5019d8ae7c7dc6e2c5
bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 949567813c2a0beebfb68a69e2606baca7f0991c4289dafce28df3afb8d8b4ae
bind-libs-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 47ed11dd9f38952a9eb922487651c8d406d20a915d4d85e9249dd9b2983a4518
bind-sdb-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 88dc0305d9afe9fd7656f7b4099a4fb4f400e5fb0b86d23cca80c6f1eddd26b5
bind-utils-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5369ec34b761856219b645c5dc23b3a8f6b4db32f0c60df9c16766c730bfc9ad
i386
bind-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: bff2ccbe567564466f5d80a39f3d01f50ba6c0b1bcedb7b8ebad571e996ccdce
bind-chroot-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: b49cf93f29b648c899a511cbb829549ec9ae02245986d2b0238c0ff3ca7b4da8
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 8732d4292d6ffdcf0c95f86cb4ef73446dcbd0c52c5d6b7f8883a0ead6dafaa9
bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 949567813c2a0beebfb68a69e2606baca7f0991c4289dafce28df3afb8d8b4ae
bind-sdb-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 1d651b6c6c86c4e045d48d103812f442b28a420cbafc718ce5622f7040e46f8f
bind-utils-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 6521f3e30392ddccbf1603927871a3000c092e7add272a342ace4da1108e3239

Red Hat Enterprise Linux Workstation 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.1.src.rpm	SHA-256: a18268bbca7f84677133bdc2d226820371fb3532febd760b5b42721c3076b185
x86_64
bind-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: ac1634d98099fe4b795e92f301415dbaa42698f583b1f714b28336b638c96e7f
bind-chroot-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5f286140ca54291d033410f25e9e3bdf63002996410495cdf52d72cad9a41311
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 8732d4292d6ffdcf0c95f86cb4ef73446dcbd0c52c5d6b7f8883a0ead6dafaa9
bind-devel-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: f6c53047b85c3f34101171540616d2856896580f1f0c7a5019d8ae7c7dc6e2c5
bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 949567813c2a0beebfb68a69e2606baca7f0991c4289dafce28df3afb8d8b4ae
bind-libs-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 47ed11dd9f38952a9eb922487651c8d406d20a915d4d85e9249dd9b2983a4518
bind-sdb-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 88dc0305d9afe9fd7656f7b4099a4fb4f400e5fb0b86d23cca80c6f1eddd26b5
bind-utils-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5369ec34b761856219b645c5dc23b3a8f6b4db32f0c60df9c16766c730bfc9ad
i386
bind-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: bff2ccbe567564466f5d80a39f3d01f50ba6c0b1bcedb7b8ebad571e996ccdce
bind-chroot-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: b49cf93f29b648c899a511cbb829549ec9ae02245986d2b0238c0ff3ca7b4da8
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 8732d4292d6ffdcf0c95f86cb4ef73446dcbd0c52c5d6b7f8883a0ead6dafaa9
bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 949567813c2a0beebfb68a69e2606baca7f0991c4289dafce28df3afb8d8b4ae
bind-sdb-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 1d651b6c6c86c4e045d48d103812f442b28a420cbafc718ce5622f7040e46f8f
bind-utils-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 6521f3e30392ddccbf1603927871a3000c092e7add272a342ace4da1108e3239

Red Hat Enterprise Linux Desktop 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.1.src.rpm	SHA-256: a18268bbca7f84677133bdc2d226820371fb3532febd760b5b42721c3076b185
x86_64
bind-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: ac1634d98099fe4b795e92f301415dbaa42698f583b1f714b28336b638c96e7f
bind-chroot-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5f286140ca54291d033410f25e9e3bdf63002996410495cdf52d72cad9a41311
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 8732d4292d6ffdcf0c95f86cb4ef73446dcbd0c52c5d6b7f8883a0ead6dafaa9
bind-devel-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: f6c53047b85c3f34101171540616d2856896580f1f0c7a5019d8ae7c7dc6e2c5
bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 949567813c2a0beebfb68a69e2606baca7f0991c4289dafce28df3afb8d8b4ae
bind-libs-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 47ed11dd9f38952a9eb922487651c8d406d20a915d4d85e9249dd9b2983a4518
bind-sdb-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 88dc0305d9afe9fd7656f7b4099a4fb4f400e5fb0b86d23cca80c6f1eddd26b5
bind-utils-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5369ec34b761856219b645c5dc23b3a8f6b4db32f0c60df9c16766c730bfc9ad
i386
bind-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: bff2ccbe567564466f5d80a39f3d01f50ba6c0b1bcedb7b8ebad571e996ccdce
bind-chroot-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: b49cf93f29b648c899a511cbb829549ec9ae02245986d2b0238c0ff3ca7b4da8
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 8732d4292d6ffdcf0c95f86cb4ef73446dcbd0c52c5d6b7f8883a0ead6dafaa9
bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 949567813c2a0beebfb68a69e2606baca7f0991c4289dafce28df3afb8d8b4ae
bind-sdb-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 1d651b6c6c86c4e045d48d103812f442b28a420cbafc718ce5622f7040e46f8f
bind-utils-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 6521f3e30392ddccbf1603927871a3000c092e7add272a342ace4da1108e3239

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.1.src.rpm	SHA-256: a18268bbca7f84677133bdc2d226820371fb3532febd760b5b42721c3076b185
s390x
bind-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: b5a4d33c2ba5e51c855af4eda4d02e788e8d7b10c5003abea51af5e39bfd68a0
bind-chroot-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: 5ca228781b63a66c6975ed30d39220d25fc39dcb9e18c12c26b747565b1d282a
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.s390.rpm	SHA-256: 536c4dde78882dbeffb96cc878f49ac83344be9ff630913af01c1c38a0d6f7c6
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.s390.rpm	SHA-256: 536c4dde78882dbeffb96cc878f49ac83344be9ff630913af01c1c38a0d6f7c6
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: decf69e3f4d2dc6b447c5ce722b707029170b24086eb2ae95029475421528281
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: decf69e3f4d2dc6b447c5ce722b707029170b24086eb2ae95029475421528281
bind-devel-9.8.2-0.68.rc1.el6_10.1.s390.rpm	SHA-256: d5da79b03a35955f4758e966364b2ce2e776f0765daa287d7d1540aa60a0594e
bind-devel-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: 3f5fd0a93cde4f5a1957b613d79ca5ed5b1ede04b4649ec286fbb4f2e94efbeb
bind-libs-9.8.2-0.68.rc1.el6_10.1.s390.rpm	SHA-256: fee2cb0b201aca0e0c65e2f0e0839840672592bcdf11dc604035903f3b80f989
bind-libs-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: c0d0b3c4c7945f1dcce4269a7fad5c059e347f088457fd29e22b6881fa5c40c9
bind-sdb-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: b271b31cac911ba090b601fd1288c3b48771909b0aa047dde71c26e47851767a
bind-utils-9.8.2-0.68.rc1.el6_10.1.s390x.rpm	SHA-256: 3dda4f5d03114917e44dc7539900f8dda51d48477392e3df4c0668572d32f31b

Red Hat Enterprise Linux for Power, big endian 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.1.src.rpm	SHA-256: a18268bbca7f84677133bdc2d226820371fb3532febd760b5b42721c3076b185
ppc64
bind-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: cad2df819e8c3085debb8387a9882e17f8c11b2508ce3ac52a098095f5972ace
bind-chroot-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: c9888a2e6d245150bc76a67aea581d40708c65de0a6ea7f5cb48f48963507876
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.ppc.rpm	SHA-256: d22e78789f5e3a1d814fd57b9dfdfe302c7225ce9a190d318dddb59e395d13a9
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.ppc.rpm	SHA-256: d22e78789f5e3a1d814fd57b9dfdfe302c7225ce9a190d318dddb59e395d13a9
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: 0d65aa2a01cf08d12d8b52085ccbbad042e3771551ca010f665db3768d381965
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: 0d65aa2a01cf08d12d8b52085ccbbad042e3771551ca010f665db3768d381965
bind-devel-9.8.2-0.68.rc1.el6_10.1.ppc.rpm	SHA-256: 10a908d1eea7d241dd3955ef5401fd67b739d488feddeed61a696c4bb6f7fbff
bind-devel-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: 0b08828937f0ef6ebe0ac3438139d6c58ad9d37c46736e400bf692f401b09069
bind-libs-9.8.2-0.68.rc1.el6_10.1.ppc.rpm	SHA-256: c622fcf9b8dc0b2a8a38e4b43c422e33e36a3f85b417cb25081c3b3352b03376
bind-libs-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: 0f42b5e62d3213a1d2103df268a449abd80b1511fe35661936316450a0911c16
bind-sdb-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: 61fc7cc2f79c836bbbbfda077be1f5fb0ec514c31a629f105e8526015fd03626
bind-utils-9.8.2-0.68.rc1.el6_10.1.ppc64.rpm	SHA-256: 509ccba37670dde0d56f576a6a28d2c242d12c3cf42f18ebafddc8ff2667082e

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.1.src.rpm	SHA-256: a18268bbca7f84677133bdc2d226820371fb3532febd760b5b42721c3076b185
x86_64
bind-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: ac1634d98099fe4b795e92f301415dbaa42698f583b1f714b28336b638c96e7f
bind-chroot-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5f286140ca54291d033410f25e9e3bdf63002996410495cdf52d72cad9a41311
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: f756203f61905f72fc5b9ae5acde5358ce8b52221eeca87020c13d60adae602e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-debuginfo-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: efd90ecd81efb5ce1ab35f122e99b25c2ed1cecdd36ba4383e6cecb81eed2f5b
bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 8732d4292d6ffdcf0c95f86cb4ef73446dcbd0c52c5d6b7f8883a0ead6dafaa9
bind-devel-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: f6c53047b85c3f34101171540616d2856896580f1f0c7a5019d8ae7c7dc6e2c5
bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm	SHA-256: 949567813c2a0beebfb68a69e2606baca7f0991c4289dafce28df3afb8d8b4ae
bind-libs-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 47ed11dd9f38952a9eb922487651c8d406d20a915d4d85e9249dd9b2983a4518
bind-sdb-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 88dc0305d9afe9fd7656f7b4099a4fb4f400e5fb0b86d23cca80c6f1eddd26b5
bind-utils-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm	SHA-256: 5369ec34b761856219b645c5dc23b3a8f6b4db32f0c60df9c16766c730bfc9ad