From b7b97785ebbb2f11d24d14dab8b81ed274f4ce6a Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Tue, 19 Mar 2019 11:37:34 +0000 Subject: gentoo resync : 19.03.2019 --- metadata/glsa/glsa-201903-13.xml | 52 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 metadata/glsa/glsa-201903-13.xml (limited to 'metadata/glsa/glsa-201903-13.xml') diff --git a/metadata/glsa/glsa-201903-13.xml b/metadata/glsa/glsa-201903-13.xml new file mode 100644 index 000000000000..11e3fcfdcde5 --- /dev/null +++ b/metadata/glsa/glsa-201903-13.xml @@ -0,0 +1,52 @@ + + + + BIND: Multiple vulnerabilities + Multiple vulnerabilities have been found in BIND, the worst of + which could result in a Denial of Service condition. + + bind + 2019-03-14 + 2019-03-14 + 657654 + 666946 + remote + + + 9.12.1_p2-r1 + 9.12.1_p2-r1 + + + +

BIND (Berkeley Internet Name Domain) is a Name Server.

+ + +

Multiple vulnerabilities have been discovered in BIND. Please review the + CVE identifiers referenced below for details. +

+ + +

BIND can improperly permit recursive query service to unauthorized + clients possibly resulting in a Denial of Service condition or to be used + in DNS reflection attacks. +

+ + +

There is no known workaround at this time.

+ + +

All bind users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=net-dns/bind-9.12.1_p2-r1" + + + + CVE-2018-5738 + CVE-2018-5740 + CVE-2018-5741 + + BlueKnight + BlueKnight + -- cgit v1.2.3