Description: A vulnerability has been reported in BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when invoking the "query_addsoa()" function. This can be exploited to cause the nameserver to exit by sending a specially crafted sequence of queries. Successful exploitation requires that "recursion" is enabled. The vulnerability is reported in BIND version 9.4.0, and BIND versions 9.5.0a1, 9.5.0a2, and 9.5.0a3. Solution: Update to BIND 9.4.1.
bind and bind-tools bumped to 9.4.1.
Thx Konstantin. Closing with NO GLSA since 9.4 is not stable yet.