Mageia 2021-0110: bind security update
Summary
A buffer overflow vulnerability was discovered in the SPNEGO implementation
affecting the GSSAPI security policy negotiation in BIND, which could result in
denial of service (daemon crash), or potentially the execution of arbitrary
code (CVE-2020-8625).
The default configuration is not vulnerable to this issue, but it is if the
tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options are set.
References
- https://bugs.mageia.org/show_bug.cgi?id=28394
- https://kb.isc.org/docs/cve-2020-8625
- https://www.debian.org/security/2021/dsa-4857
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625
Resolution
MGASA-2021-0110 - Updated bind packages fix security vulnerability
SRPMS
- 7/core/bind-9.11.6-1.3.mga7
- 8/core/bind-9.11.27-1.1.mga8