Red Hat Product Errata RHSA-2021:1468 - Security Advisory
Issued:
2021-04-29
Updated:
2021-04-29

RHSA-2021:1468 - Security Advisory

Synopsis

Important: bind security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for bind is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

  • bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x

Fixes

  • BZ - 1953857 - CVE-2021-25215 bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

Red Hat Enterprise Linux Server 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.11.src.rpm SHA-256: e7c9c94bf8609e7f2a3ec20f53ce048fa9b7587fa5a5f85d4c12bcb673ed120a
x86_64
bind-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 243eb6b649e1d1b7f1efb2b586dc88e8f8f9d76224243ada696b1e36c29afa8a
bind-chroot-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: bd4d64802cbe19f40f7b32d85bbcc0a4b79ed87460ccdc6a38e9a1d53173920e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 71623565d5e6503cb07ccbcf54400ab46549bc772504fee363aae254986d500c
bind-devel-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: a7da15c755553a4ab41168985adad88bc4539f531eb03ec21b213c4d64d12bb5
bind-devel-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 343090dd55eb8cd9eab5ba8128f611b1757b0669def0b0af1a2a670605169b0b
bind-libs-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 565c40a4ebae44169b9b259e28e387f43561962ac1dc79ea1e3dc594e9b1c0f0
bind-libs-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 02f29a25f25868516680974d55f0dd6d24080b3364c7b228a5df03199c3ac39c
bind-sdb-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: b4dfc05f99de9151f52d8206eca60d6684c2bd0e96255a8d7a7ab34e77a12780
bind-utils-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 7b5209e76c431e932f31f12fd53acd064b91a76188591f928362d940bc73a2c8

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.11.src.rpm SHA-256: e7c9c94bf8609e7f2a3ec20f53ce048fa9b7587fa5a5f85d4c12bcb673ed120a
x86_64
bind-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 243eb6b649e1d1b7f1efb2b586dc88e8f8f9d76224243ada696b1e36c29afa8a
bind-chroot-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: bd4d64802cbe19f40f7b32d85bbcc0a4b79ed87460ccdc6a38e9a1d53173920e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 71623565d5e6503cb07ccbcf54400ab46549bc772504fee363aae254986d500c
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 71623565d5e6503cb07ccbcf54400ab46549bc772504fee363aae254986d500c
bind-devel-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: a7da15c755553a4ab41168985adad88bc4539f531eb03ec21b213c4d64d12bb5
bind-devel-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 343090dd55eb8cd9eab5ba8128f611b1757b0669def0b0af1a2a670605169b0b
bind-libs-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 565c40a4ebae44169b9b259e28e387f43561962ac1dc79ea1e3dc594e9b1c0f0
bind-libs-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 02f29a25f25868516680974d55f0dd6d24080b3364c7b228a5df03199c3ac39c
bind-sdb-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: b4dfc05f99de9151f52d8206eca60d6684c2bd0e96255a8d7a7ab34e77a12780
bind-utils-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 7b5209e76c431e932f31f12fd53acd064b91a76188591f928362d940bc73a2c8
i386
bind-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 86d62e11b1d956bf50ca5a889fded99e344453ae1208dcaceb600fefb5eadc7d
bind-chroot-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: b4f07fd1f55323ef5bae8489deb35bf3811340f6c3b6781ca505836ace7b686b
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-devel-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: a7da15c755553a4ab41168985adad88bc4539f531eb03ec21b213c4d64d12bb5
bind-libs-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 565c40a4ebae44169b9b259e28e387f43561962ac1dc79ea1e3dc594e9b1c0f0
bind-sdb-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 2458d87d6270c46d05771c38dfb2674cf9ca07b502df6e2cb3a3f7589d6b1f10
bind-utils-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5fc7504a9aaa3933b34fd6fb00cabd4957fb63a7020a790e600ed544549ff00e

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.11.src.rpm SHA-256: e7c9c94bf8609e7f2a3ec20f53ce048fa9b7587fa5a5f85d4c12bcb673ed120a
s390x
bind-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 1ce8b2299b79163effcdcfb2fcfa104fceea0451edbf3eac42a2d13a3b061c62
bind-chroot-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 027d936442f633d6550d799babd2374912cab8aceda721a1de24c291c88ddbae
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: db103fc9d7768df3da94cc865e4b53b39ec4504efe6325b51cfd778e9ea8460f
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: db103fc9d7768df3da94cc865e4b53b39ec4504efe6325b51cfd778e9ea8460f
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: e5fefe410c770f30d6822a59b649f116569bb1f2a4462c7f2995f1ee87104b5f
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: e5fefe410c770f30d6822a59b649f116569bb1f2a4462c7f2995f1ee87104b5f
bind-devel-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: 6170d36f58d949b843874079e8250efdab537b9a8d3a68512542e1d6d5737a2c
bind-devel-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 923f18a0bda4f6180195791ff55cd72d7157dbbe31b554414b44c700c280bb19
bind-libs-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: 084b1b01b19ba6b1f4b1aef9701e4e47e287e46466122198bf9ddb7177e3bc7e
bind-libs-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 30c52da0d949120c644fc7634540dfc16d4f23a7eed9bd65bc5a4d1b87f2b27b
bind-sdb-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 6110c7a637da462b21da85cb00623c0e36b6d627aa02ba8abd1339968069da19
bind-utils-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 07be7f1da32f7da53042ba2208db1870ba026cf4dd8904bb521330b3ac6a6abc

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.11.src.rpm SHA-256: e7c9c94bf8609e7f2a3ec20f53ce048fa9b7587fa5a5f85d4c12bcb673ed120a
x86_64
bind-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 243eb6b649e1d1b7f1efb2b586dc88e8f8f9d76224243ada696b1e36c29afa8a
bind-chroot-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: bd4d64802cbe19f40f7b32d85bbcc0a4b79ed87460ccdc6a38e9a1d53173920e
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 71623565d5e6503cb07ccbcf54400ab46549bc772504fee363aae254986d500c
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 71623565d5e6503cb07ccbcf54400ab46549bc772504fee363aae254986d500c
bind-devel-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: a7da15c755553a4ab41168985adad88bc4539f531eb03ec21b213c4d64d12bb5
bind-devel-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 343090dd55eb8cd9eab5ba8128f611b1757b0669def0b0af1a2a670605169b0b
bind-libs-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 565c40a4ebae44169b9b259e28e387f43561962ac1dc79ea1e3dc594e9b1c0f0
bind-libs-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 02f29a25f25868516680974d55f0dd6d24080b3364c7b228a5df03199c3ac39c
bind-sdb-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: b4dfc05f99de9151f52d8206eca60d6684c2bd0e96255a8d7a7ab34e77a12780
bind-utils-9.8.2-0.68.rc1.el6_10.11.x86_64.rpm SHA-256: 7b5209e76c431e932f31f12fd53acd064b91a76188591f928362d940bc73a2c8
i386
bind-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 86d62e11b1d956bf50ca5a889fded99e344453ae1208dcaceb600fefb5eadc7d
bind-chroot-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: b4f07fd1f55323ef5bae8489deb35bf3811340f6c3b6781ca505836ace7b686b
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5191fa653a01523c47d8d9ec6a0ba41fc3dbebbc87f5208f9165e81ce8c397c3
bind-devel-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: a7da15c755553a4ab41168985adad88bc4539f531eb03ec21b213c4d64d12bb5
bind-libs-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 565c40a4ebae44169b9b259e28e387f43561962ac1dc79ea1e3dc594e9b1c0f0
bind-sdb-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 2458d87d6270c46d05771c38dfb2674cf9ca07b502df6e2cb3a3f7589d6b1f10
bind-utils-9.8.2-0.68.rc1.el6_10.11.i686.rpm SHA-256: 5fc7504a9aaa3933b34fd6fb00cabd4957fb63a7020a790e600ed544549ff00e

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6

SRPM
bind-9.8.2-0.68.rc1.el6_10.11.src.rpm SHA-256: e7c9c94bf8609e7f2a3ec20f53ce048fa9b7587fa5a5f85d4c12bcb673ed120a
s390x
bind-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 1ce8b2299b79163effcdcfb2fcfa104fceea0451edbf3eac42a2d13a3b061c62
bind-chroot-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 027d936442f633d6550d799babd2374912cab8aceda721a1de24c291c88ddbae
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: db103fc9d7768df3da94cc865e4b53b39ec4504efe6325b51cfd778e9ea8460f
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: db103fc9d7768df3da94cc865e4b53b39ec4504efe6325b51cfd778e9ea8460f
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: e5fefe410c770f30d6822a59b649f116569bb1f2a4462c7f2995f1ee87104b5f
bind-debuginfo-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: e5fefe410c770f30d6822a59b649f116569bb1f2a4462c7f2995f1ee87104b5f
bind-devel-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: 6170d36f58d949b843874079e8250efdab537b9a8d3a68512542e1d6d5737a2c
bind-devel-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 923f18a0bda4f6180195791ff55cd72d7157dbbe31b554414b44c700c280bb19
bind-libs-9.8.2-0.68.rc1.el6_10.11.s390.rpm SHA-256: 084b1b01b19ba6b1f4b1aef9701e4e47e287e46466122198bf9ddb7177e3bc7e
bind-libs-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 30c52da0d949120c644fc7634540dfc16d4f23a7eed9bd65bc5a4d1b87f2b27b
bind-sdb-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 6110c7a637da462b21da85cb00623c0e36b6d627aa02ba8abd1339968069da19
bind-utils-9.8.2-0.68.rc1.el6_10.11.s390x.rpm SHA-256: 07be7f1da32f7da53042ba2208db1870ba026cf4dd8904bb521330b3ac6a6abc

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.