[SECURITY] [DLA 2227-1] bind9 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : bind9
Version : 1:9.9.5.dfsg-9+deb8u19
CVE ID : CVE-2020-8616 CVE-2020-8617
Several vulnerabilities were discovered in BIND, a DNS server
implementation.
CVE-2020-8616
It was discovered that BIND does not sufficiently limit the number
of fetches performed when processing referrals. An attacker can take
advantage of this flaw to cause a denial of service (performance
degradation) or use the recursing server in a reflection attack with
a high amplification factor.
CVE-2020-8617
It was discovered that a logic error in the code which checks TSIG
validity can be used to trigger an assertion failure, resulting in
denial of service.
For Debian 8 "Jessie", these problems have been fixed in version
1:9.9.5.dfsg-9+deb8u19.
We recommend that you upgrade your bind9 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl7SwphfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEepBhAAo6iJ4M1N7XAGtAm+13K/LWEIx0wxHVsWaD96N+Zwu8417MzavbZQA9AX
W2L3NDTJRJrXl0PdVIOTB0uWKlFFKWF7epxwESt2Y6zRso5SWlNYIHaDJ84DjfuT
4My8JZfHF+C0IFGVJ6XcyyxGhuKzY6ZCS1SYdyr5Cb/K2sqHxpEk1M15a4V5wiXN
ZbuHIRsVdS6dkMWXYKAxgnVppeFwhZKZPMnfccSf07tCplgo1FbbO0fHb/DGs38H
C1XgiZx96wF+iJrAtSB0CmTzL6y1pyYBl2ugA40B0rESRFEmGTZuihYBCu61scDQ
6K0cBAGRdTB2GzUCoSgJm7b96xHz+2lrlFI6HD6BIvQHcUvdjs42jjtUK8w0sYvm
vR57WR1tiCW5m+b6Xj+6f0LlHpocJZhAQPDrY/vpcccidEqnUaiyXt697Y4pIGFU
JaIQaG3RlY3aWyGMoVa5zQ+BZpTk/wAOJ+qbxDeBBSr+SVrgJBCtDXijBtuQo/Qw
hJa/gWkO5JeXyao/pS/u0i+84LjRbNoTZWUR+PuWMtyMfHjZuuplLD3SiQyAydUC
QJNpB3vYv7gG4TXt2Tn0GG9QkXp7qlOTrndVmp9WaeaHRI5B0kmyIGW0g1S3KbbP
v0rPYz1NNwOFTrInSH82CdC1htGbfXM2ar+krygFcIN/qwx3XBQ=
=yDy1
-----END PGP SIGNATURE-----
Reply to: