* CVE-2021-25214 Description: "When a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed." Advisory: https://kb.isc.org/docs/cve-2021-25214 * CVE-2021-25215 Description: "When a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check." Advisory: https://kb.isc.org/docs/cve-2021-25215 * CVE-2021-25216 Description: "BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options." Advisory: https://kb.isc.org/docs/cve-2021-25216 --- Please bump to 9.16.15.
bind-9.16.15 is available upstreams and compiles as expected.
No glsa for this bug.