A new bind package with the fix for the CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216 within OracleLinux 6 ELS released

Extended-OL

A new bind package with the fix for the CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216 within OracleLinux 6 extended lifecycle support is now available for download from our production repository.

Changelog

bind-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64

CVE-2021-25214: A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
CVE-2021-25215: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
CVE-2021-25216: A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack

Update command

yum update bind*

A new bind package with the fix for the CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216 within OracleLinux 6 ELS released

Apr 29, 2021 10:35:48 AM

Inessa Atmachian

Extended-OL

Changelog

bind-9.8.2-0.68.rc1.el6_10.10.cloudlinux.els.x86_64

CVE-2021-25214: A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
CVE-2021-25215: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
CVE-2021-25216: A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack

Update command

yum update bind*

Looking for “how to” content?

A new bind package with the fix for the CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216 within OracleLinux 6 ELS released

Changelog

Update command

A new bind package with the fix for the CVE-2021-25214, CVE-2021-25215, and CVE-2021-25216 within OracleLinux 6 ELS released

Changelog

Update command

WEB SERVER SECURITY BLOG

Subscribe to CloudLinux Newsletter