Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 688388 (CVE-2019-6471) - net-dns/bind - A race condition when discarding malformed packets can cause BIND to exit with an assertion failure
Summary: net-dns/bind - A race condition when discarding malformed packets can caus...
Status: RESOLVED FIXED
Alias: CVE-2019-6471
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://kb.isc.org/docs/cve-2019-6471
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-20 12:27 UTC by Jeroen Roovers
Modified: 2019-08-07 09:39 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers gentoo-dev 2019-06-20 12:27:26 UTC
Today ISC disclosed a vulnerability in our BIND software.

Information about the vulnerability can be found in the ISC Knowledge
Base:

   CVE-2019-6471:  A race condition when discarding malformed
   packets can cause BIND to exit with an assertion failure
   https://kb.isc.org/docs/cve-2019-6471

New maintenance releases of BIND released today contain the fix
for the vulnerability along with other bug fixes and feature
improvements.  They may be downloaded from the ISC web site's
download page (https://www.isc.org/downloads)

   -  9.11.8
   -  9.12.4-P2
   -  9.14.3
   -  9.15.1

With the public disclosure of these vulnerabilities, parties which
had been given advance notice concerning them are released from
non-disclosure and packagers and redistributors are encouraged to
publish updated packages containing fixes.