net-dns/bind-9.16.3 is affected by two security issues: It is possible to trigger an assertion when attempting to fill an oversized TCP buffer. This was disclosed in CVE-2020-8618. [GL #1850] It is possible to trigger an INSIST failure when a zone with an interior wildcard label was queried in a certain pattern. This was disclosed in CVE-2020-8619. [GL #1111] [GL #1718] Reproducible: Always
Thanks for your report. This is already being tracked as bug 728590. *** This bug has been marked as a duplicate of bug 728590 ***