Comparto.
Saludos.
HM
-------- Forwarded Message --------
Subject: [lacnog] Fwd: 4 vulnerabiidades en Bind 9 y sus patches.
Date: Thu, 17 Mar 2022 08:37:48 -0300
From: Graciela Martinez <[email protected]>
Reply-To: Latin America and Caribbean Region Network Operators Group
<[email protected]>
To: Latin America and Caribbean Region Network Operators Group
<[email protected]>
Buen día,
Les comparto esta información por si es de vuestro interés.
Se divulagron 4 vulnerabilidades en BIND 9
CVE-2021-25220: DNS forwarders - cache poisoning vulnerability
https://kb.isc.org/docs/CVE-2021-25220
CVE-2022-0396: DoS from specifically crafted TCP packets
https://kb.isc.org/docs/cve-2022-0396
CVE-2022-0635: DNAME insist with synth-from-dnssec enabled
https://kb.isc.org/docs/cve-2022-0635
CVE-2022-0667: Assertion failure on delayed DS lookup
https://kb.isc.org/docs/cve-2022-0667
Las nuevas versiones están disponibles en https://www.isc.org/downloads
Para los 3 releases estables 9.11. 9.16 y 9.18 los patches se pueden
acceder acá:
https://downloads.isc.org/isc/bind9/9.11.37/patches/
https://downloads.isc.org/isc/bind9/9.16.27/patches/
https://downloads.isc.org/isc/bind9/9.18.1/patches/
Gracias por su atención.
Saludos,
Ing. Graciela Martínez Giordano
*Líder de LACNIC CSIRT*
Head of LACNIC CSIRT
/LACNIC - www.lacnic.net <http://www.lacnic.net>
Latin American and Caribbean Internet Addresses Registry/
_______________________________________________
LACNOG mailing list
[email protected]
https://mail.lacnic.net/mailman/listinfo/lacnog
Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog
_______________________________________________
Lista mailing list
[email protected]
http://mailmancabase.interdotnet.com.ar/mailman/listinfo/lista
