[website] r1716 - html/trunk/blfs/advisories

Wed, 17 Feb 2021 22:06:11 -0800 

Author: renodr
Date: Wed Feb 17 22:06:01 2021
New Revision: 1716

Log:
Security Advisories: File 10.0-093 for BIND

Modified:
   html/trunk/blfs/advisories/10.0.html
   html/trunk/blfs/advisories/consolidated.html

Modified: html/trunk/blfs/advisories/10.0.html
==============================================================================
--- html/trunk/blfs/advisories/10.0.html        Mon Feb 15 14:17:49 2021        
(r1715)
+++ html/trunk/blfs/advisories/10.0.html        Wed Feb 17 22:06:01 2021        
(r1716)
@@ -42,6 +42,12 @@
 
     <h3>BIND</h3>
 
+    <h4>10.0 093 BIND  Date: 2021-02-18  Severity: High</h4>
+    <p>A security vulnerability was found in BIND that could result in a crash
+    or potentially remote code execution if the server uses GSSAPI/SPNEGO.
+    Update to BIND-9.16.12 or later.
+    <a href="consolidated.html#10.0-093">10.0-093</a></p>
+
     <h4>10.0 005 BIND  Date: 2020-09-05  Severity: High</h4>
     <p>A variety of vulnerabilities were found in BIND. Most could cause a 
crash
     but one allows privilege escalation by someone with authority to change a 
subset

Modified: html/trunk/blfs/advisories/consolidated.html
==============================================================================
--- html/trunk/blfs/advisories/consolidated.html        Mon Feb 15 14:17:49 
2021        (r1715)
+++ html/trunk/blfs/advisories/consolidated.html        Wed Feb 17 22:06:01 
2021        (r1716)
@@ -75,6 +75,18 @@
     the longer term who knows what will happen to packages (e.g. getting
     replaced or archived). See the gstreamer links re 1.16 for an example of
     linking to a released book (old 10.0) -->
+    <a id="10.0-093">
+    <h4>10.0 093 BIND         Date: 2021-02-18 Severity: High</h4>
+    <p>In bind-9.16.12, a security vulnerability was fixed that could allow
+    remote unauthenticated users to crash the named process if the server
+    is configured to use SPNEGO/GSSAPI. This is classified as a buffer
+    overflow vulnerability.
+    This has been assigned
+    <a 
href="https://nvd.nist.gov/vuln/detail/CVE-2020-8625";>CVE-2020-8625</a>.</p>
+    <p>To fix this, update to at least BIND-9.16.12 using the instructions in
+    <a href="../view/svn/server/bind.html">BIND (sysv)</a> or
+    <a href="../view/systemd/server/bind.html">BIND (systemd)</a>.</p>
+
     <a id="10.0-092">
     <h4>10.0 092 Taglib       Date: 2021-02-15 Severity: Medium</h4>
     <p>In taglib-1.11.1, a security vulnerability was found that may lead to
-- 
http://lists.linuxfromscratch.org/listinfo/website
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to