Red Hat Product Errata RHSA-2020:3471 - Security Advisory

Issued:: 2020-08-18
Updated:: 2020-08-18

RHSA-2020:3471 - Security Advisory

Overview
Updated Packages

Synopsis

Important: bind security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for bind is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616)
bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted automatically.

Affected Products

Red Hat Enterprise Linux Server - AUS 7.2 x86_64

Fixes

BZ - 1836118 - CVE-2020-8616 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals
BZ - 1836124 - CVE-2020-8617 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.2

SRPM
bind-9.9.4-29.el7_2.9.src.rpm	SHA-256: b978472c91ff4493125275f75a01ea4108a2c6efd095c0e3312af1817112e7d2
x86_64
bind-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: b9e7a0dd5ebfda9f4f5ed577dd34ae1befd877dc868ba54ecac0b50f15e0a53e
bind-chroot-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 12761c7b311558eca714c3ff24b5bf398aceba3f91603f6bb180d56bb8116f32
bind-debuginfo-9.9.4-29.el7_2.9.i686.rpm	SHA-256: d0ba2e26137d3d8adeadebc82c76121f13dcdab394de4daabfe8e2d849ed2618
bind-debuginfo-9.9.4-29.el7_2.9.i686.rpm	SHA-256: d0ba2e26137d3d8adeadebc82c76121f13dcdab394de4daabfe8e2d849ed2618
bind-debuginfo-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 989b469f8cbc79476883230644eb97378faa3ecbe2047fedebba520c1828c1cf
bind-debuginfo-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 989b469f8cbc79476883230644eb97378faa3ecbe2047fedebba520c1828c1cf
bind-devel-9.9.4-29.el7_2.9.i686.rpm	SHA-256: d4f381e3cfe98a622730974e43ee342bf2115916bf17ee091023af177dd387de
bind-devel-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 86891ee3f26cca75ca43390378bda1c99c4f78eddedf72c1876e1c7fe97a1e4f
bind-libs-9.9.4-29.el7_2.9.i686.rpm	SHA-256: 34f924e7162373d958ae8482bcbe8f4f031c209f07b9461f4a19a0cbf7e3862f
bind-libs-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 693a09362e0031a770baa9a47d15d0b391bf1694a6c2ebe636909fb11e2020ac
bind-libs-lite-9.9.4-29.el7_2.9.i686.rpm	SHA-256: 38f3cc51cef1e12e5fa987991595611cd7af65b433c8690d70263a21180e4979
bind-libs-lite-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 2b5c385d84d324d5c27922da6a884e904f56d62a26742d84063e50a39ddd91cc
bind-license-9.9.4-29.el7_2.9.noarch.rpm	SHA-256: ec4896533c7fe9e0d19e0e0d58e28e9184b9b4b169932a58d1b9bb3e36b9b8f9
bind-lite-devel-9.9.4-29.el7_2.9.i686.rpm	SHA-256: d8455a7ea9f95244c9859a860ba0f801165f62bc43472a56d985ce8a2d0e746f
bind-lite-devel-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 47763b44b2f3e13f444669bc740dafdd7788ce5599f36d9f9c33651b1147298b
bind-pkcs11-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: cbcbf7b5ae4b5f283142790d47e4e6d33887262e0bf33ba041e5692d9b02ac6f
bind-pkcs11-devel-9.9.4-29.el7_2.9.i686.rpm	SHA-256: a3955457748c8e6223a8ec1ddfc788aa7ab145bd90986a80bd258114a6ce7e99
bind-pkcs11-devel-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 9ec9ebee07ee3f6fb15a8ff0efc479405f5044b86152c08f14d935695d989f8b
bind-pkcs11-libs-9.9.4-29.el7_2.9.i686.rpm	SHA-256: f9216b7262e3b4ddb7f651b9f11b47ebeb71445d5cc47609b461c2a92dd33990
bind-pkcs11-libs-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 7c4560ad1a323a37118393a1c26777c42db5c5bc2435dc314b8feb06d16319fb
bind-pkcs11-utils-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 503fef47058ab77ee04cb8491a066fe9d9e4e9254ee61105f39c7976a60e2371
bind-sdb-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: e46fccbb61606cfe6de72b3a022907210153209cd091917acd08d98e9b2d664e
bind-sdb-chroot-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: 7707ad3e8e4d4833d34478bac3eabfc18df581288073f4c8da2010d8d61c0fc2
bind-utils-9.9.4-29.el7_2.9.x86_64.rpm	SHA-256: e10344e416449b9f55117482b792dc274a311e4dd3c8e9e279f950997ea23363

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories