[SECURITY] [DSA 6181-1] bind9 security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6181-1] bind9 security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 27 Mar 2026 22:42:59 +0000
Message-id: <[🔎] E1w6FtL-00000009yVZ-2wlK@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6181-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
March 27, 2026                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bind9
CVE ID         : CVE-2026-1519 CVE-2026-3104 CVE-2026-3119 CVE-2026-3591

Several vulnerabilities were discovered in BIND, a DNS server
implementation, which may result in bypass of ACL restrictions or denial
of service.

For the oldstable distribution (bookworm), these problems have been
fixed in version 1:9.18.47-1~deb12u1. The oldstable distribution is only
affected by CVE-2026-1519.

For the stable distribution (trixie), these problems have been fixed in
version 1:9.20.21-1~deb13u1.

We recommend that you upgrade your bind9 packages.

For the detailed security status of bind9 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/bind9

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmnHB4VfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q+JQ//RoJGJCNIQijxrUuNT0MhanrKHnapc+3hrKJ7WYmA4PcgjcxSoDPUG/g6
Gcut9ZcKKlqX6RoXoUl3b4Kf0K176PUkBmYrDvUw1lqW1nH7JYQ3aE3D/7+1purL
hFMxWHcChaogr5uQu1aJlBiUnQnSXWezT/MhkP2GWCjRhMrV0uHlPUb179EatPtQ
A3JQwGZAoKA61DQo5dIuRfHMYCQuSX3HS3EtpLgc0CMJk4+aH7PflkMB2VO/e8wU
iA9TgQ5mpMtMpaVhWKXZTw+utYTGAm0oX0W4J7fRgM9/sipQt9+CXCdFJPxP8dhq
I87rr7jmSwdPYCYKX/4aVWeLoc97TzXWJkO4jELUYyoSK7M7M2Uau3I2X/VT0lDQ
/DeiaierxSx4qWqmTCA+a4hoiUJ3CHYRsatO28HfIg+7J899+GbsuqRcb1Fhm8GA
mPw2z/Q/tb6Xin1CeevilT7MlAAKgWlQprKadUbCFrvFNO/v+OlxDT0whIsSRFlk
iKOovfSllHvVabdEiqE5uEWAOdZ6kerFox1LcWJdtdQNcAGLYiUr7VxOk7svaozu
hpdmGMshtQ+yT7p9XNXTC0+dOZKw4kWBpkx86mOQ7Y5aK4I9IUPVHMiElc6l3yFq
sGKwwEoQFQclBRxufRREx5JrAaGnLKVbOmMjTJ8XD9KZ3OLBoms=
=BUs3
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6180-1] ruby-rack security update
Next by Date: [SECURITY] [DSA 6182-1] libxml-parser-perl security update
Previous by thread: [SECURITY] [DSA 6180-1] ruby-rack security update
Next by thread: [SECURITY] [DSA 6182-1] libxml-parser-perl security update
Index(es):
- Date
- Thread