var-202005-1028
Vulnerability from variot

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. XACK DNS Is a corporation XACK Provides DNS Software for servers. XACK DNS In general NXNSAttack Service disruption due to a problem called (DoS) There are vulnerabilities that can be attacked. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. IPA Report to JPCERT/CC Coordinated with the developer.The following service operation interruptions by a remote third party (DoS) You may be attacked. -Increases the load of the full resolver and reduces performance. ・ Abuse the full resolver as a stepping stone for reflection attacks.

CVE-2019-6477

It was discovered that TCP-pipelined queries can bypass tcp-client
limits resulting in denial of service.

For the oldstable distribution (stretch), these problems have been fixed in version 1:9.10.3.dfsg.P4-12.3+deb9u6.

For the stable distribution (buster), these problems have been fixed in version 1:9.11.5.P4+dfsg-5.1+deb10u1.

We recommend that you upgrade your bind9 packages.

For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl7ENhhfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TG0w//d/ZEG5TM8bmDZSBkB0n+JZ9S1ZOuRbETrtXAYnI1DjQZzk427PR9Vm39 tMbe2UOmYgxD/UybCL7tGNsNqFo4iRrefnEU47I8nWp1szCo9MsUbl9itmZfprGF lOvMvyklu8WZFXLSHOntOEKANv5k/ygq9ux4t/YWpL4jdpfCR+fdECfr16vV5XkR inKQuGDokmDs0E+bJHKUGWTcTsTXmcFZIaurKx+IeHAyQxbEmV1qiJHQKtvkmp9s kUlNyrfs1tLXM+JeQK0GtPTJuiMpznkisvC1/hJVPNy2kvGl+5pZ6LRB7BzuswSp HokcQ4p8BIw1LAGXq+TvnJaQd+mfHHfasI2FS+XRWEos92bF1+TlxFW4gTLghMYV ssuK4nBIbvucrNXc2Wcm7n/1UxEiAiT7Zf9mKFBdBxZSxz8ueLh2js0SKxH9GTBF Rx6x1NXGLI9u9QQgOOzyQh8ClRLC1Z2UtHQLLITTT7UlnXRSO1OvmJEFFuA+0E5/ FK2zzpD8a3+cHS5O1+a1LihqiwxDkFJXNY/d/BSLAoNeYyGjgQq/1AgoEbjVDO4o ye6ttRSaaMUS8rvUrE9U4PfSyclHke+filK4KURkY7kZ+UEH7XH2jCZunW/POpKp WIBvqVSEK6qTYWji5Ayucm2tgmUMIxV+tH1Im2Im6HjrP/pyGrs= =SqNI -----END PGP SIGNATURE----- . 7.4) - noarch, x86_64

  1. 6) - i386, x86_64

  2. Solution:

For OpenShift Container Platform 4.3 see the following documentation, which will be updated shortly for release 4.3.25, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:

https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel ease-notes.html

Details on how to access this content are available at https://docs.openshift.com/container-platform/4.3/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/):

1808130 - CVE-2020-1750 machine-config-operator-container: mmap stressor makes the cluster unresponsive

  1. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.

Additional Changes:

This update also fixes several bugs and adds various enhancements.

This advisory contains the following OpenShift Virtualization 2.4.0 images:

RHEL-7-CNV-2.4

kubevirt-ssp-operator-container-v2.4.0-71

RHEL-8-CNV-2.4

virt-cdi-controller-container-v2.4.0-29 virt-cdi-uploadproxy-container-v2.4.0-29 hostpath-provisioner-container-v2.4.0-25 virt-cdi-operator-container-v2.4.0-29 kubevirt-metrics-collector-container-v2.4.0-18 cnv-containernetworking-plugins-container-v2.4.0-36 kubevirt-kvm-info-nfd-plugin-container-v2.4.0-18 hostpath-provisioner-operator-container-v2.4.0-31 virt-cdi-uploadserver-container-v2.4.0-29 virt-cdi-apiserver-container-v2.4.0-29 virt-controller-container-v2.4.0-58 virt-cdi-cloner-container-v2.4.0-29 kubevirt-template-validator-container-v2.4.0-21 vm-import-operator-container-v2.4.0-21 kubernetes-nmstate-handler-container-v2.4.0-37 node-maintenance-operator-container-v2.4.0-27 virt-operator-container-v2.4.0-58 kubevirt-v2v-conversion-container-v2.4.0-23 cnv-must-gather-container-v2.4.0-73 virtio-win-container-v2.4.0-15 kubevirt-cpu-node-labeller-container-v2.4.0-19 ovs-cni-plugin-container-v2.4.0-37 kubevirt-vmware-container-v2.4.0-21 hyperconverged-cluster-operator-container-v2.4.0-70 virt-handler-container-v2.4.0-58 virt-cdi-importer-container-v2.4.0-29 virt-launcher-container-v2.4.0-58 kubevirt-cpu-model-nfd-plugin-container-v2.4.0-17 virt-api-container-v2.4.0-58 ovs-cni-marker-container-v2.4.0-38 kubemacpool-container-v2.4.0-39 cluster-network-addons-operator-container-v2.4.0-38 bridge-marker-container-v2.4.0-39 vm-import-controller-container-v2.4.0-21 hco-bundle-registry-container-v2.3.0-497

  1. Bugs fixed (https://bugzilla.redhat.com/):

1684772 - virt-launcher images do not have the edk2-ovmf package installed 1716329 - missing Status, Version and Label for a number of CNV components, and Status term inconsistency 1724978 - [RFE][v2v] Improve the way we display progress percent in UI 1725672 - CDI: getting error with "unknown reason" when trying to create UploadTokenRequest for a none existing pvc 1727117 - [RFE] Reduce installed libvirt components 1780473 - Delete VM is hanging if the corresponding template does not exist anymore 1787213 - KubeMacpool may not work from time to time since it is skipped when we face certificate issue. 1789564 - Failed to allocate a SRIOV VF to VMI 1795889 - internal IP shown on VMI spec instead of public one on VMI with guest-agent 1796342 - VM Failing to start since hard disk not ready 1802554 - [SSP] cpu-feature-lahf_lm and Conroe are enabled on one worker (test issue) 1805044 - No mem/filesystem/Network Utilization in VM overview 1806288 - [CDI] fails to import images that comes from url that reject HEAD requests 1806436 - [SSP] Windows common templates - Windows10 should be removed from windows-server templates, windows-server should not have desktop version 1811111 - All the VM templates are visible in the developer catalog but not really/easily instantiable 1811417 - Failed to install cnv-2.4 on top of ocp 4.4 (hco operator in crashLoopBackOff state) 1816518 - [SSP] Common templates - template name under objects -> metadata -> labels should be identical to the template actual name 1817080 - node maintenance CRD is marked with NonStructuralSchema condition 1819252 - kubevirt-ssp-operator cannot create ServiceMonitor object 1820651 - CDI import fails using block volume (available size -1) 1821209 - Debug log message looks unprofessional 1822079 - nmstate-handler fails to start and keeps restarting 1822315 - status.desiredState: doesn't pick the correct value and is null 1823342 - Invalid qcow2 image causes HTTP range error and difficult to read stack trace 1823699 - [CNV-2.4] Failing to deploy NetworkAddons 1823701 - [CNV-2.4] when a single component is failing, HCO can continue reporting outdated negative conditions also on other components 1825801 - [CNV-2.4] Failing to deploy due issues in CRD of cluster network operator 1826044 - [CNV-2.4] Failing to deploy due issues in CRD of cluster host-path-provisioner operator 1827257 - VMs' connectivity is available even the two VMs are in different vlan 1828401 - misconfigured prow job e2e-aws-4.5-cnv resulting in step e2e-aws failed: step needs a lease but no lease client provided 1829376 - VMs with blank block volumes fail to spin up 1830780 - virt-v2v-wrapper - 0% VM migration progress in UI 1831536 - kubevirt-{handler,apiserver,controller} service accounts added to the privileged SCC 1832179 - [virt] VM with runStrategy attribute (instead of 'running' attribute) does not have 'RUNNING' state in cli 1832283 - [SSP operator] Common templates and template_validator are missing after clean installation 1832291 - SSP installation is successful even with some components missing 1832769 - [kubevirt version] is not reported correctly 1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters 1833376 - Hardcoded VMware-vix-disklib version 6 - import fail with version 7 1833786 - kubevirt hyperconverged-cluster-operator deploy_marketplace.sh fails in disconnected cluster 1834253 - VMs are stuck in Starting state 1835242 - Can't query SSP CRs after upgrade from 2.3 to 2.4 1835426 - [RFE] Provide a clear error message when VM and VMI name does not match 1836792 - [CNV deployment] kubevirt components are missing 1837182 - VMI virt-launcher reaches Error state after running for 10-24 hours 1837670 - Specifying "Ubuntu 18.04 LTS" force the Conroe CPU model 1838066 - [CNV deployment] kubevirt failing to create cpu-plugin-configmap obsoleteCPUs 1838424 - [Installation] CNV 2.4.0 virt-handler and kubevirt-node-labeller pods are not showing up 1839982 - [CNV][DOC] Lack of explanation for StorageClass default accessMode in openshift-cnv kubevirt-storage-class-defaults 1840047 - [CNV-2.4] virt-handler failing on /usr/bin/container-disk: no such file or directory 1840220 - [CNV-2.4] node-maintenance-operator failing to create deployment - invalid format of manifest 1840652 - Upgrade indication is missing 1841065 - [v2v] RHV to CNV: VM import fail on network mapping validation 1841325 - [CNV][V2V] VM migration fails if VMWare host isn't under Cluster but directly under Datacenter 1841505 - [CNV-2.4] virt-template-validator container fails to start 1842869 - vmi cannot be scheduled, because node labeller doesn't report correct labels 1842958 - [SSP] Fail to create Windows VMs from templates - windows-cd-bus validation added but cdrom is missing from the template 1843219 - node-labeller SCC is privileged, which appears too relaxed 1843456 - virt-launcher goes from running to error state due to panic: timed out waiting for domain to be defined 1843467 - [CNV network KMP] kubemacpool causes worker node to be Ready,SchedulingDisabled 1843519 - HCO CR is not listed when running "kubectl get all" from command line 1843948 - [Network operator] Upgrade from 2.3 to 2.4 - Network operator fails to upgrade ovs-cni pods, upgrade is not completed 1844057 - [CNV-2.4] cluster-network-addons-operator failing to start 1844105 - [SSP operator] Upgrade from 2.3.0 to 2.4.0- SSP operator fails to upgrade node labeller and template validator 1844907 - kubemacpool deployment status errors regarding replicas 1845060 - Node-labeller is in pending state when node doesn't have kvm device 1845061 - Version displayed in Container Native Virtualization OperatorHub side panel 1845477 - [SSP] Template validator fails to "Extract the CA bundle"; template validator is not called when a VM is created 1845557 - [CNV-2.4] template validator webhook fails with certification issues 1845604 - [v2v] RHV to CNV VM import: Prevent a second vm-import from starting. 1845899 - [CNV-2.5] cluster-network-addons-operator failing to start 1845901 - Filesystem corruption related to smart clone 1847070 - vmi cannot be scheduled , qemu-kvm core dump 1847594 - pods in openshift-cnv namespace no longer have openshift.io/scc under metadata.annotations 1848004 - [CNV-2.5] Deployment fails on NetworkAddonsConfigNotAvailable 1848007 - [CNV-2.4] Deployment fails on NetworkAddonsConfigNotAvailable 1848951 - CVE-2020-14316 kubevirt: VMIs can be used to access host files 1849527 - [v2v] [api] VM import RHV to CNV importer should stop send requests to RHV if they are rejected because of wrong user/pass 1849915 - [v2v] VM import RHV to CNV: The timezone data is not available in the vm-import-controller image. 1850425 - [v2v][VM import RHV to CNV] Add validation for network target type in network mapping 1850467 - [v2v] [api] VM import RHV to CNV invalid target network type should not crash the controller 1850482 - [v2v][VM import from RHV to CNV] 2 nics are mapped to a new network though second was mapped to pod. 1850937 - kubemacpool fails in a specific order of components startup 1851856 - Deployment not progressing due to PriorityClass missing 1851886 - [CNV][V2V] VMWare pod is failing when running wizard to migrate from RHV 1852446 - [v2v][RHV to CNV VM import] Windows10 VM import fail on: timezone is not UTC-compatible 1853028 - CNV must-gather failure on CNV-QE BM-RHCOS environment 1853133 - [CNV-2.4] Deployment fails on KubeVirtMetricsAggregationNotAvailable 1853373 - virtctl image-upload fails to upload an image if the dv name includes a "." 1854419 - [Re-brand] Align CSV 1854744 - To stabilize some tests I need to backport PRs which change production code 1855256 - [v2v][RHV to CNV VM import] Empty directories created for vm-import-operator/controller logs in cnv-must-gather 1856438 - [CNAO] Upgrade is not completed (wrong operatorVersion), CR is not updated. 1856447 - CNV upgrade - HCO fails to identify wrong observedVersion in CR, HCO is reported as READY 1856979 - Domain notify errors break VMI migrations and graceful shutdown

  1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: bind security update Advisory ID: RHSA-2020:2344-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:2344 Issue date: 2020-06-01 CVE Names: CVE-2020-8616 CVE-2020-8617 ==================================================================== 1. Summary:

An update for bind is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

  1. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

Security Fix(es):

  • bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616)

  • bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

  1. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, the BIND daemon (named) will be restarted automatically.

  1. Bugs fixed (https://bugzilla.redhat.com/):

1836118 - CVE-2020-8616 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals 1836124 - CVE-2020-8617 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

  1. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source: bind-9.11.4-16.P2.el7_8.6.src.rpm

noarch: bind-license-9.11.4-16.P2.el7_8.6.noarch.rpm

x86_64: bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64: bind-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source: bind-9.11.4-16.P2.el7_8.6.src.rpm

noarch: bind-license-9.11.4-16.P2.el7_8.6.noarch.rpm

x86_64: bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64: bind-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source: bind-9.11.4-16.P2.el7_8.6.src.rpm

noarch: bind-license-9.11.4-16.P2.el7_8.6.noarch.rpm

ppc64: bind-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-chroot-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.ppc.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.ppc.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-libs-9.11.4-16.P2.el7_8.6.ppc.rpm bind-libs-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.ppc.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-pkcs11-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.ppc.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-utils-9.11.4-16.P2.el7_8.6.ppc64.rpm

ppc64le: bind-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-chroot-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-libs-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-pkcs11-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-utils-9.11.4-16.P2.el7_8.6.ppc64le.rpm

s390x: bind-9.11.4-16.P2.el7_8.6.s390x.rpm bind-chroot-9.11.4-16.P2.el7_8.6.s390x.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.s390.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.s390x.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.s390.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.s390x.rpm bind-libs-9.11.4-16.P2.el7_8.6.s390.rpm bind-libs-9.11.4-16.P2.el7_8.6.s390x.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.s390.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.s390x.rpm bind-pkcs11-9.11.4-16.P2.el7_8.6.s390x.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.s390.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.s390x.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.s390x.rpm bind-utils-9.11.4-16.P2.el7_8.6.s390x.rpm

x86_64: bind-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64: bind-debuginfo-9.11.4-16.P2.el7_8.6.ppc.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-devel-9.11.4-16.P2.el7_8.6.ppc.rpm bind-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.ppc.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.ppc.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.ppc.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-sdb-9.11.4-16.P2.el7_8.6.ppc64.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.6.ppc64.rpm

ppc64le: bind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-sdb-9.11.4-16.P2.el7_8.6.ppc64le.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.6.ppc64le.rpm

s390x: bind-debuginfo-9.11.4-16.P2.el7_8.6.s390.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.s390x.rpm bind-devel-9.11.4-16.P2.el7_8.6.s390.rpm bind-devel-9.11.4-16.P2.el7_8.6.s390x.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.s390.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.s390x.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.s390.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.s390x.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.s390.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.s390x.rpm bind-sdb-9.11.4-16.P2.el7_8.6.s390x.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.6.s390x.rpm

x86_64: bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source: bind-9.11.4-16.P2.el7_8.6.src.rpm

noarch: bind-license-9.11.4-16.P2.el7_8.6.noarch.rpm

x86_64: bind-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm bind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64: bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm bind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2020-8616 https://access.redhat.com/security/cve/CVE-2020-8617 https://access.redhat.com/security/updates/classification/#important

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIVAwUBXtTLT9zjgjWX9erEAQgZIhAApcPTwXOJR5ZcZSycdasXkiT5KuLsEXGl ZzYZC1xN62FE00ctUoNtGIP9xwVTUp8C7K8vDvpi38Fu/br0oWKfdudldn/iYIlW lVRNyD71aHS0CcE29+eFF8TofsNRZ2hYbTcYJIX1AbsqEb5IqAwhOxEoKdraTzG8 zx5MQc/61aRr/kjAdaamy8dLdKCXwPZ43471xsABXqGXtuBbOJCbPpbKV6iUhNFD RQc2m0D8W7/mbduKnBbMI/FmSMY2j9jfJmVHVHlfczvIiXey/ntzso+Fe292OFoR 3dhI8wjHgxA1XuQXGt+xxxqwFfGF8QBdqqzBFzZdyf7hxHtv/RxoTNj3JXrFZtex tx9JBsk8sBmJl2pb17ak6LplCQhTP0E4GplWb62P9mr4EwZyfN/Qq09WyiN7B6te 8frV/h8n1rQu2etLQSJjXwA6/05h1ScRdl0dcxi+8PqCI7ik0QBKw6zbRzKr/XEd YJgGVBHVYbrCtAxqZ8Mtl1WoN9SuwAb06hHH8lVotpU0JrB+RZtfQbxmKycX8MHd q+4FtmEKSiiblhvQ4qQaOpXzkONvSlOpsQx+y5795IM4eXVA2dIv+/E6F0dNApJC nW887uzHRKTymT6/2p5sDVTm8ioN2LGGX9KoiHrhIsmLWwI4UzVrUQJZFGsOMYSj N3gJ4Ik0DPQ=qhuZ -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Show details on source website


{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-202005-1028",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.10.5",
         },
         {
            model: "linux",
            scope: "eq",
            trust: 1,
            vendor: "debian",
            version: "10.0",
         },
         {
            model: "bind",
            scope: "gte",
            trust: 1,
            vendor: "isc",
            version: "9.15.0",
         },
         {
            model: "bind",
            scope: "lte",
            trust: 1,
            vendor: "isc",
            version: "9.16.2",
         },
         {
            model: "bind",
            scope: "gte",
            trust: 1,
            vendor: "isc",
            version: "9.17.0",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.11.5",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.11.3",
         },
         {
            model: "bind",
            scope: "gte",
            trust: 1,
            vendor: "isc",
            version: "9.12.0",
         },
         {
            model: "bind",
            scope: "lte",
            trust: 1,
            vendor: "isc",
            version: "9.13.7",
         },
         {
            model: "bind",
            scope: "gte",
            trust: 1,
            vendor: "isc",
            version: "9.16.0",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.12.4",
         },
         {
            model: "bind",
            scope: "lte",
            trust: 1,
            vendor: "isc",
            version: "9.15.6",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.11.7",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.11.6",
         },
         {
            model: "bind",
            scope: "gte",
            trust: 1,
            vendor: "isc",
            version: "9.14.0",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.10.7",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.9.3",
         },
         {
            model: "bind",
            scope: "eq",
            trust: 1,
            vendor: "isc",
            version: "9.11.8",
         },
         {
            model: "bind",
            scope: "gte",
            trust: 1,
            vendor: "isc",
            version: "9.0.0",
         },
         {
            model: "bind",
            scope: "lte",
            trust: 1,
            vendor: "isc",
            version: "9.11.18",
         },
         {
            model: "bind",
            scope: "lte",
            trust: 1,
            vendor: "isc",
            version: "9.12.4",
         },
         {
            model: "bind",
            scope: "gte",
            trust: 1,
            vendor: "isc",
            version: "9.13.0",
         },
         {
            model: "bind",
            scope: "lte",
            trust: 1,
            vendor: "isc",
            version: "9.14.11",
         },
         {
            model: "linux",
            scope: "eq",
            trust: 1,
            vendor: "debian",
            version: "9.0",
         },
         {
            model: "bind",
            scope: "lte",
            trust: 1,
            vendor: "isc",
            version: "9.17.1",
         },
         {
            model: "dns",
            scope: "eq",
            trust: 0.8,
            vendor: "xack",
            version: "1.10.0 から 1.10.8",
         },
         {
            model: "dns",
            scope: "eq",
            trust: 0.8,
            vendor: "xack",
            version: "1.11.0 から 1.11.4",
         },
         {
            model: "dns",
            scope: "eq",
            trust: 0.8,
            vendor: "xack",
            version: "1.7.0 から 1.7.18",
         },
         {
            model: "dns",
            scope: "eq",
            trust: 0.8,
            vendor: "xack",
            version: "1.7.0 の全て",
         },
         {
            model: "dns",
            scope: "eq",
            trust: 0.8,
            vendor: "xack",
            version: "1.8.0 から 1.8.23",
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   configurations: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/configurations#",
         children: {
            "@container": "@list",
         },
         cpe_match: {
            "@container": "@list",
         },
         data: {
            "@container": "@list",
         },
         nodes: {
            "@container": "@list",
         },
      },
      data: [
         {
            CVE_data_version: "4.0",
            nodes: [
               {
                  cpe_match: [
                     {
                        cpe22Uri: "cpe:/h:misc:xack_xack_dns",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
      ],
   },
   credits: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/credits#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Red Hat",
      sources: [
         {
            db: "PACKETSTORM",
            id: "158805",
         },
         {
            db: "PACKETSTORM",
            id: "158844",
         },
         {
            db: "PACKETSTORM",
            id: "158899",
         },
         {
            db: "PACKETSTORM",
            id: "157921",
         },
         {
            db: "PACKETSTORM",
            id: "158900",
         },
         {
            db: "PACKETSTORM",
            id: "158130",
         },
         {
            db: "PACKETSTORM",
            id: "158637",
         },
         {
            db: "PACKETSTORM",
            id: "157889",
         },
      ],
      trust: 0.8,
   },
   cve: "CVE-2020-8616",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "nvd@nist.gov",
                  availabilityImpact: "PARTIAL",
                  baseScore: 5,
                  confidentialityImpact: "NONE",
                  exploitabilityScore: 10,
                  id: "CVE-2020-8616",
                  impactScore: 2.9,
                  integrityImpact: "NONE",
                  severity: "MEDIUM",
                  trust: 1.1,
                  vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                  version: "2.0",
               },
               {
                  acInsufInfo: null,
                  accessComplexity: "Low",
                  accessVector: "Network",
                  authentication: "None",
                  author: "IPA",
                  availabilityImpact: "Partial",
                  baseScore: 5,
                  confidentialityImpact: "None",
                  exploitabilityScore: null,
                  id: "JVNDB-2020-000036",
                  impactScore: null,
                  integrityImpact: "None",
                  obtainAllPrivilege: null,
                  obtainOtherPrivilege: null,
                  obtainUserPrivilege: null,
                  severity: "Medium",
                  trust: 0.8,
                  userInteractionRequired: null,
                  vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  exploitabilityScore: 3.9,
                  id: "CVE-2020-8616",
                  impactScore: 4,
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  trust: 2,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Network",
                  author: "IPA",
                  availabilityImpact: "High",
                  baseScore: 8.6,
                  baseSeverity: "High",
                  confidentialityImpact: "None",
                  exploitabilityScore: null,
                  id: "JVNDB-2020-000036",
                  impactScore: null,
                  integrityImpact: "None",
                  privilegesRequired: "None",
                  scope: "Changed",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2020-8616",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "security-officer@isc.org",
                  id: "CVE-2020-8616",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "IPA",
                  id: "JVNDB-2020-000036",
                  trust: 0.8,
                  value: "High",
               },
               {
                  author: "VULMON",
                  id: "CVE-2020-8616",
                  trust: 0.1,
                  value: "MEDIUM",
               },
            ],
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. XACK DNS Is a corporation XACK Provides DNS Software for servers. XACK DNS In general NXNSAttack Service disruption due to a problem called (DoS) There are vulnerabilities that can be attacked. This vulnerability information is provided by the developer for the purpose of disseminating it to product users. IPA Report to JPCERT/CC Coordinated with the developer.The following service operation interruptions by a remote third party (DoS) You may be attacked. -Increases the load of the full resolver and reduces performance. ・ Abuse the full resolver as a stepping stone for reflection attacks. \n\nCVE-2019-6477\n\n    It was discovered that TCP-pipelined queries can bypass tcp-client\n    limits resulting in denial of service. \n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 1:9.10.3.dfsg.P4-12.3+deb9u6. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:9.11.5.P4+dfsg-5.1+deb10u1. \n\nWe recommend that you upgrade your bind9 packages. \n\nFor the detailed security status of bind9 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl7ENhhfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TG0w//d/ZEG5TM8bmDZSBkB0n+JZ9S1ZOuRbETrtXAYnI1DjQZzk427PR9Vm39\ntMbe2UOmYgxD/UybCL7tGNsNqFo4iRrefnEU47I8nWp1szCo9MsUbl9itmZfprGF\nlOvMvyklu8WZFXLSHOntOEKANv5k/ygq9ux4t/YWpL4jdpfCR+fdECfr16vV5XkR\ninKQuGDokmDs0E+bJHKUGWTcTsTXmcFZIaurKx+IeHAyQxbEmV1qiJHQKtvkmp9s\nkUlNyrfs1tLXM+JeQK0GtPTJuiMpznkisvC1/hJVPNy2kvGl+5pZ6LRB7BzuswSp\nHokcQ4p8BIw1LAGXq+TvnJaQd+mfHHfasI2FS+XRWEos92bF1+TlxFW4gTLghMYV\nssuK4nBIbvucrNXc2Wcm7n/1UxEiAiT7Zf9mKFBdBxZSxz8ueLh2js0SKxH9GTBF\nRx6x1NXGLI9u9QQgOOzyQh8ClRLC1Z2UtHQLLITTT7UlnXRSO1OvmJEFFuA+0E5/\nFK2zzpD8a3+cHS5O1+a1LihqiwxDkFJXNY/d/BSLAoNeYyGjgQq/1AgoEbjVDO4o\nye6ttRSaaMUS8rvUrE9U4PfSyclHke+filK4KURkY7kZ+UEH7XH2jCZunW/POpKp\nWIBvqVSEK6qTYWji5Ayucm2tgmUMIxV+tH1Im2Im6HjrP/pyGrs=\n=SqNI\n-----END PGP SIGNATURE-----\n. 7.4) - noarch, x86_64\n\n3. 6) - i386, x86_64\n\n3. Solution:\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.25, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster\n- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):\n\n1808130 - CVE-2020-1750 machine-config-operator-container: mmap stressor makes the cluster unresponsive\n\n5. Description:\n\nOpenShift Virtualization is Red Hat's virtualization solution designed for\nRed Hat OpenShift Container Platform. \n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements. \n\nThis advisory contains the following OpenShift Virtualization 2.4.0 images:\n\nRHEL-7-CNV-2.4\n==============\nkubevirt-ssp-operator-container-v2.4.0-71\n\nRHEL-8-CNV-2.4\n==============\nvirt-cdi-controller-container-v2.4.0-29\nvirt-cdi-uploadproxy-container-v2.4.0-29\nhostpath-provisioner-container-v2.4.0-25\nvirt-cdi-operator-container-v2.4.0-29\nkubevirt-metrics-collector-container-v2.4.0-18\ncnv-containernetworking-plugins-container-v2.4.0-36\nkubevirt-kvm-info-nfd-plugin-container-v2.4.0-18\nhostpath-provisioner-operator-container-v2.4.0-31\nvirt-cdi-uploadserver-container-v2.4.0-29\nvirt-cdi-apiserver-container-v2.4.0-29\nvirt-controller-container-v2.4.0-58\nvirt-cdi-cloner-container-v2.4.0-29\nkubevirt-template-validator-container-v2.4.0-21\nvm-import-operator-container-v2.4.0-21\nkubernetes-nmstate-handler-container-v2.4.0-37\nnode-maintenance-operator-container-v2.4.0-27\nvirt-operator-container-v2.4.0-58\nkubevirt-v2v-conversion-container-v2.4.0-23\ncnv-must-gather-container-v2.4.0-73\nvirtio-win-container-v2.4.0-15\nkubevirt-cpu-node-labeller-container-v2.4.0-19\novs-cni-plugin-container-v2.4.0-37\nkubevirt-vmware-container-v2.4.0-21\nhyperconverged-cluster-operator-container-v2.4.0-70\nvirt-handler-container-v2.4.0-58\nvirt-cdi-importer-container-v2.4.0-29\nvirt-launcher-container-v2.4.0-58\nkubevirt-cpu-model-nfd-plugin-container-v2.4.0-17\nvirt-api-container-v2.4.0-58\novs-cni-marker-container-v2.4.0-38\nkubemacpool-container-v2.4.0-39\ncluster-network-addons-operator-container-v2.4.0-38\nbridge-marker-container-v2.4.0-39\nvm-import-controller-container-v2.4.0-21\nhco-bundle-registry-container-v2.3.0-497\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1684772 - virt-launcher images do not have the edk2-ovmf package installed\n1716329 - missing Status, Version and Label for a number of CNV components, and Status term inconsistency\n1724978 - [RFE][v2v] Improve the way we display progress percent in UI\n1725672 - CDI: getting error with \"unknown reason\" when trying to create UploadTokenRequest for a none existing pvc\n1727117 - [RFE] Reduce installed libvirt components\n1780473 - Delete VM is hanging if the corresponding template does not exist anymore\n1787213 - KubeMacpool may not work from time to time since it is skipped when we face certificate issue. \n1789564 - Failed to allocate a SRIOV VF to VMI\n1795889 - internal IP shown on VMI spec instead of public one on VMI with guest-agent\n1796342 - VM Failing to start since hard disk not ready\n1802554 - [SSP] cpu-feature-lahf_lm and Conroe are enabled on one worker (test issue)\n1805044 - No mem/filesystem/Network Utilization in VM overview\n1806288 - [CDI] fails to import images that comes from url that reject HEAD requests\n1806436 - [SSP] Windows common templates - Windows10 should be removed from windows-server* templates, windows-server* should not have desktop version\n1811111 - All the VM templates are visible in the developer catalog but not really/easily instantiable\n1811417 - Failed to install cnv-2.4 on top of ocp 4.4 (hco operator in crashLoopBackOff state)\n1816518 - [SSP] Common templates - template name under objects -> metadata -> labels  should be identical to the template actual name\n1817080 - node maintenance CRD is marked with NonStructuralSchema condition\n1819252 - kubevirt-ssp-operator cannot create ServiceMonitor object\n1820651 - CDI import fails using block volume (available size -1)\n1821209 - Debug log message looks unprofessional\n1822079 - nmstate-handler fails to start and keeps restarting\n1822315 - status.desiredState: doesn't pick the correct value and is null\n1823342 - Invalid qcow2 image causes HTTP range error and difficult to read stack trace\n1823699 - [CNV-2.4] Failing to deploy NetworkAddons\n1823701 - [CNV-2.4] when a single component is failing, HCO can continue reporting outdated negative conditions also on other components\n1825801 - [CNV-2.4] Failing to deploy due issues in CRD of cluster network operator\n1826044 - [CNV-2.4] Failing to deploy due issues in CRD of cluster host-path-provisioner operator\n1827257 - VMs' connectivity is available even the two VMs are in different vlan\n1828401 - misconfigured prow job e2e-aws-4.5-cnv resulting in step e2e-aws failed: step needs a lease but no lease client provided\n1829376 - VMs with blank block volumes fail to spin up\n1830780 - virt-v2v-wrapper - 0% VM migration progress in UI\n1831536 - kubevirt-{handler,apiserver,controller} service accounts added to the privileged SCC\n1832179 - [virt] VM with runStrategy attribute (instead of 'running' attribute) does not have 'RUNNING' state in cli\n1832283 - [SSP operator] Common templates and template_validator are missing after clean installation\n1832291 - SSP installation is successful even with some components missing\n1832769 - [kubevirt version] is not reported correctly\n1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters\n1833376 - Hardcoded VMware-vix-disklib version 6 - import fail with version 7\n1833786 - kubevirt hyperconverged-cluster-operator deploy_marketplace.sh fails in disconnected cluster\n1834253 - VMs are stuck in Starting state\n1835242 - Can't query SSP CRs after upgrade from 2.3 to 2.4\n1835426 - [RFE] Provide a clear error message when VM and VMI name does not match\n1836792 - [CNV deployment] kubevirt components are missing\n1837182 - VMI virt-launcher reaches Error state after running for 10-24 hours\n1837670 - Specifying \"Ubuntu 18.04 LTS\" force the Conroe CPU model\n1838066 - [CNV deployment] kubevirt failing to create cpu-plugin-configmap obsoleteCPUs\n1838424 - [Installation] CNV 2.4.0 virt-handler and kubevirt-node-labeller pods are not showing up\n1839982 - [CNV][DOC] Lack of explanation for StorageClass default accessMode in openshift-cnv kubevirt-storage-class-defaults\n1840047 - [CNV-2.4] virt-handler failing on /usr/bin/container-disk: no such file or directory\n1840220 - [CNV-2.4] node-maintenance-operator failing to create deployment - invalid format of manifest\n1840652 - Upgrade indication is missing\n1841065 - [v2v] RHV to CNV: VM import fail on network mapping validation\n1841325 - [CNV][V2V] VM migration fails if VMWare host isn't under Cluster but directly under Datacenter\n1841505 - [CNV-2.4] virt-template-validator container fails to start\n1842869 - vmi cannot be scheduled, because node labeller doesn't report correct labels\n1842958 - [SSP] Fail to create Windows VMs from templates - windows-cd-bus validation added but cdrom is missing from the template\n1843219 - node-labeller SCC is privileged, which appears too relaxed\n1843456 - virt-launcher goes from running to error state due to panic: timed out waiting for domain to be defined\n1843467 - [CNV network KMP] kubemacpool causes worker node to be Ready,SchedulingDisabled\n1843519 - HCO CR is not listed when running \"kubectl get all\" from command line\n1843948 - [Network operator] Upgrade from 2.3 to 2.4 - Network operator fails to upgrade ovs-cni pods, upgrade is not completed\n1844057 - [CNV-2.4] cluster-network-addons-operator failing to start\n1844105 - [SSP operator] Upgrade from 2.3.0 to 2.4.0- SSP operator fails to upgrade node labeller and template validator\n1844907 - kubemacpool deployment status errors regarding replicas\n1845060 - Node-labeller is in pending state when node doesn't have kvm device\n1845061 - Version displayed in Container Native Virtualization OperatorHub side panel\n1845477 - [SSP] Template validator fails to \"Extract the CA bundle\"; template validator is not called when a VM is created\n1845557 - [CNV-2.4] template validator webhook fails with certification issues\n1845604 - [v2v] RHV to CNV VM import: Prevent a second vm-import from starting. \n1845899 - [CNV-2.5] cluster-network-addons-operator failing to start\n1845901 - Filesystem corruption related to smart clone\n1847070 - vmi cannot be scheduled , qemu-kvm core dump\n1847594 - pods in  openshift-cnv namespace no longer have openshift.io/scc under metadata.annotations\n1848004 - [CNV-2.5] Deployment fails on NetworkAddonsConfigNotAvailable\n1848007 - [CNV-2.4] Deployment fails on NetworkAddonsConfigNotAvailable\n1848951 - CVE-2020-14316 kubevirt: VMIs can be used to access host files\n1849527 - [v2v] [api]  VM import RHV to CNV importer should stop send requests to RHV if they are rejected because of wrong user/pass\n1849915 - [v2v] VM import RHV to CNV: The timezone data is not  available in the vm-import-controller image. \n1850425 - [v2v][VM import RHV to CNV] Add validation for network target type in network mapping\n1850467 - [v2v] [api]  VM import RHV to CNV invalid target network type should not crash the controller\n1850482 - [v2v][VM import from RHV to CNV] 2 nics are mapped to a new network though second was mapped to pod. \n1850937 - kubemacpool fails in a specific order of components startup\n1851856 - Deployment not progressing due to PriorityClass missing\n1851886 - [CNV][V2V] VMWare pod is failing when running wizard to migrate from RHV\n1852446 - [v2v][RHV to CNV VM import] Windows10 VM import fail on: timezone is not UTC-compatible\n1853028 - CNV must-gather failure on CNV-QE BM-RHCOS environment\n1853133 - [CNV-2.4] Deployment fails on KubeVirtMetricsAggregationNotAvailable\n1853373 - virtctl image-upload fails to upload an image if the dv name includes a \".\"\n1854419 - [Re-brand] Align CSV\n1854744 - To stabilize some tests I need to backport PRs which change production code\n1855256 - [v2v][RHV to CNV VM import] Empty directories created for vm-import-operator/controller logs in cnv-must-gather\n1856438 - [CNAO]  Upgrade is not completed (wrong operatorVersion), CR is not updated. \n1856447 - CNV upgrade - HCO fails to identify wrong observedVersion in CR, HCO is reported as READY\n1856979 - Domain notify errors break VMI migrations and graceful shutdown\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Important: bind security update\nAdvisory ID:       RHSA-2020:2344-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2020:2344\nIssue date:        2020-06-01\nCVE Names:         CVE-2020-8616 CVE-2020-8617\n====================================================================\n1. Summary:\n\nAn update for bind is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nSecurity Fix(es):\n\n* bind: BIND does not sufficiently limit the number of fetches performed\nwhen processing referrals (CVE-2020-8616)\n\n* bind: A logic error in code which checks TSIG validity can be used to\ntrigger an assertion failure in tsig.c (CVE-2020-8617)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1836118 - CVE-2020-8616 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals\n1836124 - CVE-2020-8617 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nbind-9.11.4-16.P2.el7_8.6.src.rpm\n\nnoarch:\nbind-license-9.11.4-16.P2.el7_8.6.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbind-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nbind-9.11.4-16.P2.el7_8.6.src.rpm\n\nnoarch:\nbind-license-9.11.4-16.P2.el7_8.6.noarch.rpm\n\nx86_64:\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbind-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nbind-9.11.4-16.P2.el7_8.6.src.rpm\n\nnoarch:\nbind-license-9.11.4-16.P2.el7_8.6.noarch.rpm\n\nppc64:\nbind-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-chroot-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-pkcs11-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-pkcs11-utils-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-utils-9.11.4-16.P2.el7_8.6.ppc64.rpm\n\nppc64le:\nbind-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-chroot-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-pkcs11-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-pkcs11-utils-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-utils-9.11.4-16.P2.el7_8.6.ppc64le.rpm\n\ns390x:\nbind-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-chroot-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-pkcs11-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-pkcs11-utils-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-utils-9.11.4-16.P2.el7_8.6.s390x.rpm\n\nx86_64:\nbind-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbind-debuginfo-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.ppc.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-sdb-9.11.4-16.P2.el7_8.6.ppc64.rpm\nbind-sdb-chroot-9.11.4-16.P2.el7_8.6.ppc64.rpm\n\nppc64le:\nbind-debuginfo-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-sdb-9.11.4-16.P2.el7_8.6.ppc64le.rpm\nbind-sdb-chroot-9.11.4-16.P2.el7_8.6.ppc64le.rpm\n\ns390x:\nbind-debuginfo-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.s390.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-sdb-9.11.4-16.P2.el7_8.6.s390x.rpm\nbind-sdb-chroot-9.11.4-16.P2.el7_8.6.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nbind-9.11.4-16.P2.el7_8.6.src.rpm\n\nnoarch:\nbind-license-9.11.4-16.P2.el7_8.6.noarch.rpm\n\nx86_64:\nbind-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-libs-lite-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-libs-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-utils-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-export-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-lite-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.i686.rpm\nbind-pkcs11-devel-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-9.11.4-16.P2.el7_8.6.x86_64.rpm\nbind-sdb-chroot-9.11.4-16.P2.el7_8.6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-8616\nhttps://access.redhat.com/security/cve/CVE-2020-8617\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXtTLT9zjgjWX9erEAQgZIhAApcPTwXOJR5ZcZSycdasXkiT5KuLsEXGl\nZzYZC1xN62FE00ctUoNtGIP9xwVTUp8C7K8vDvpi38Fu/br0oWKfdudldn/iYIlW\nlVRNyD71aHS0CcE29+eFF8TofsNRZ2hYbTcYJIX1AbsqEb5IqAwhOxEoKdraTzG8\nzx5MQc/61aRr/kjAdaamy8dLdKCXwPZ43471xsABXqGXtuBbOJCbPpbKV6iUhNFD\nRQc2m0D8W7/mbduKnBbMI/FmSMY2j9jfJmVHVHlfczvIiXey/ntzso+Fe292OFoR\n3dhI8wjHgxA1XuQXGt+xxxqwFfGF8QBdqqzBFzZdyf7hxHtv/RxoTNj3JXrFZtex\ntx9JBsk8sBmJl2pb17ak6LplCQhTP0E4GplWb62P9mr4EwZyfN/Qq09WyiN7B6te\n8frV/h8n1rQu2etLQSJjXwA6/05h1ScRdl0dcxi+8PqCI7ik0QBKw6zbRzKr/XEd\nYJgGVBHVYbrCtAxqZ8Mtl1WoN9SuwAb06hHH8lVotpU0JrB+RZtfQbxmKycX8MHd\nq+4FtmEKSiiblhvQ4qQaOpXzkONvSlOpsQx+y5795IM4eXVA2dIv+/E6F0dNApJC\nnW887uzHRKTymT6/2p5sDVTm8ioN2LGGX9KoiHrhIsmLWwI4UzVrUQJZFGsOMYSj\nN3gJ4Ik0DPQ=qhuZ\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
      sources: [
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            db: "PACKETSTORM",
            id: "168830",
         },
         {
            db: "PACKETSTORM",
            id: "158805",
         },
         {
            db: "PACKETSTORM",
            id: "158844",
         },
         {
            db: "PACKETSTORM",
            id: "158899",
         },
         {
            db: "PACKETSTORM",
            id: "157921",
         },
         {
            db: "PACKETSTORM",
            id: "158900",
         },
         {
            db: "PACKETSTORM",
            id: "158130",
         },
         {
            db: "PACKETSTORM",
            id: "158637",
         },
         {
            db: "PACKETSTORM",
            id: "157889",
         },
      ],
      trust: 2.52,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2020-8616",
            trust: 2.8,
         },
         {
            db: "OPENWALL",
            id: "OSS-SECURITY/2020/05/19/4",
            trust: 1.1,
         },
         {
            db: "JVN",
            id: "JVN40208370",
            trust: 0.8,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
            trust: 0.8,
         },
         {
            db: "VULMON",
            id: "CVE-2020-8616",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "168830",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "158805",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "158844",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "158899",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "157921",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "158900",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "158130",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "158637",
            trust: 0.1,
         },
         {
            db: "PACKETSTORM",
            id: "157889",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            db: "PACKETSTORM",
            id: "168830",
         },
         {
            db: "PACKETSTORM",
            id: "158805",
         },
         {
            db: "PACKETSTORM",
            id: "158844",
         },
         {
            db: "PACKETSTORM",
            id: "158899",
         },
         {
            db: "PACKETSTORM",
            id: "157921",
         },
         {
            db: "PACKETSTORM",
            id: "158900",
         },
         {
            db: "PACKETSTORM",
            id: "158130",
         },
         {
            db: "PACKETSTORM",
            id: "158637",
         },
         {
            db: "PACKETSTORM",
            id: "157889",
         },
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   id: "VAR-202005-1028",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VARIoT devices database",
            id: null,
         },
      ],
      trust: 0.41666666,
   },
   last_update_date: "2024-11-28T20:53:34.019000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "CVE-2020-8616 (NXNSAttack) について",
            trust: 0.8,
            url: "https://xack.co.jp/info/?ID=622",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203433 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202383 - Security Advisory",
         },
         {
            title: "Ubuntu Security Notice: bind9 vulnerabilities",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4365-1",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203272 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203470 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202404 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203471 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203379 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202345 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202338 - Security Advisory",
         },
         {
            title: "Ubuntu Security Notice: bind9 vulnerabilities",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4365-2",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203475 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202344 - Security Advisory",
         },
         {
            title: "Red Hat: Important: bind security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203378 - Security Advisory",
         },
         {
            title: "Debian CVElist Bug Report Logs: bind9: CVE-2020-8616 CVE-2020-8617",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=381e66e05d75d93918e55cdaa636e1b0",
         },
         {
            title: "Debian Security Advisories: DSA-4689-1 bind9 -- security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=808ccb545c64882f6cfa960abf75abfa",
         },
         {
            title: "Red Hat: Moderate: OpenShift Container Platform 4.4.8 openshift-enterprise-hyperkube-container security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202449 - Security Advisory",
         },
         {
            title: "Red Hat: Moderate: OpenShift Container Platform 4.2.36 ose-machine-config-operator-container security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202595 - Security Advisory",
         },
         {
            title: "Amazon Linux AMI: ALAS-2020-1369",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1369",
         },
         {
            title: "Red Hat: Moderate: OpenShift Container Platform 4.3.25 openshift-enterprise-hyperkube-container security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202441 - Security Advisory",
         },
         {
            title: "Red Hat: Moderate: OpenShift Container Platform 4.3.25 security update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202439 - Security Advisory",
         },
         {
            title: "Arch Linux Issues: ",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-8616 log",
         },
         {
            title: "Arch Linux Advisories: [ASA-202005-13] bind: denial of service",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202005-13",
         },
         {
            title: "Amazon Linux 2: ALAS2-2020-1426",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2020-1426",
         },
         {
            title: "IBM: Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage Systems (July 2020v1)",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=4ca8040b949152189bea3a3126afcd39",
         },
         {
            title: "Red Hat: Important: Container-native Virtualization security, bug fix, and enhancement update",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203194 - Security Advisory",
         },
         {
            title: "",
            trust: 0.1,
            url: "https://github.com/pexip/os-bind9-libs ",
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-400",
            trust: 1,
         },
         {
            problemtype: "CWE-Other",
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.2,
            url: "https://usn.ubuntu.com/4365-1/",
         },
         {
            trust: 1.1,
            url: "http://www.nxnsattack.com",
         },
         {
            trust: 1.1,
            url: "https://kb.isc.org/docs/cve-2020-8616",
         },
         {
            trust: 1.1,
            url: "http://www.openwall.com/lists/oss-security/2020/05/19/4",
         },
         {
            trust: 1.1,
            url: "https://www.debian.org/security/2020/dsa-4689",
         },
         {
            trust: 1.1,
            url: "https://security.netapp.com/advisory/ntap-20200522-0002/",
         },
         {
            trust: 1.1,
            url: "https://usn.ubuntu.com/4365-2/",
         },
         {
            trust: 1.1,
            url: "https://www.synology.com/security/advisory/synology_sa_20_12",
         },
         {
            trust: 1.1,
            url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html",
         },
         {
            trust: 1.1,
            url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html",
         },
         {
            trust: 1.1,
            url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html",
         },
         {
            trust: 1,
            url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jkjxvbokz36er3eucr7vrb7wghiimpnj/",
         },
         {
            trust: 1,
            url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wogcjs2xq3sqnf4w6glz73lwzj6zzwzi/",
         },
         {
            trust: 0.8,
            url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5591",
         },
         {
            trust: 0.8,
            url: "https://jprs.jp/tech/security/2020-05-20-bind9-vuln-processing-referrals.html",
         },
         {
            trust: 0.8,
            url: "https://jvn.jp/jp/jvn40208370/index.html",
         },
         {
            trust: 0.8,
            url: "http://www.nxnsattack.com/",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-8617",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-8616",
         },
         {
            trust: 0.8,
            url: "https://www.redhat.com/mailman/listinfo/rhsa-announce",
         },
         {
            trust: 0.8,
            url: "https://access.redhat.com/security/cve/cve-2020-8616",
         },
         {
            trust: 0.8,
            url: "https://access.redhat.com/security/cve/cve-2020-8617",
         },
         {
            trust: 0.8,
            url: "https://bugzilla.redhat.com/):",
         },
         {
            trust: 0.8,
            url: "https://access.redhat.com/security/team/contact/",
         },
         {
            trust: 0.7,
            url: "https://access.redhat.com/articles/11258",
         },
         {
            trust: 0.7,
            url: "https://access.redhat.com/security/updates/classification/#important",
         },
         {
            trust: 0.6,
            url: "https://access.redhat.com/security/team/key/",
         },
         {
            trust: 0.2,
            url: "https://access.redhat.com/errata/rhsa-2020:3433",
         },
         {
            trust: 0.1,
            url: "https://cwe.mitre.org/data/definitions/400.html",
         },
         {
            trust: 0.1,
            url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wogcjs2xq3sqnf4w6glz73lwzj6zzwzi/",
         },
         {
            trust: 0.1,
            url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jkjxvbokz36er3eucr7vrb7wghiimpnj/",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov",
         },
         {
            trust: 0.1,
            url: "https://security.archlinux.org/cve-2020-8616",
         },
         {
            trust: 0.1,
            url: "https://www.debian.org/security/faq",
         },
         {
            trust: 0.1,
            url: "https://www.debian.org/security/",
         },
         {
            trust: 0.1,
            url: "https://security-tracker.debian.org/tracker/bind9",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-6477",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2020:3378",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2020:3471",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2020:2383",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2020:3470",
         },
         {
            trust: 0.1,
            url: "https://docs.openshift.com/container-platform/4.3/updating/updating-cluster",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2020:2439",
         },
         {
            trust: 0.1,
            url: "https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/updates/classification/#moderate",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2020-1750",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-1750",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-11080",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-20852",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-17451",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-19807",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-19126",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-12448",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-1549",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-9251",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-17451",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-14563",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-20060",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-19519",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-1547",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-5482",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10754",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-20060",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-13752",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-11324",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-19925",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-13777",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-1010204",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10749",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-11501",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-11324",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-11236",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-7263",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-12447",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-5481",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12049",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-19519",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-5436",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-13753",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-12447",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-1549",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-14563",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-5094",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-1563",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-3844",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-20852",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-16056",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-1010180",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2020:3194",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-3825",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12888",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-18074",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-13752",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-20337",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-13753",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-19923",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12662",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12663",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-14822",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-7263",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-14404",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-14822",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-12449",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-8457",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10757",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-15847",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10766",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-13232",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-11236",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-19924",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-14404",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10768",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-14316",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-1010204",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12653",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-1563",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-16056",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-18934",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-10767",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-20337",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2018-18074",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-19232",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-19959",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-1547",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-13232",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-15847",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-3843",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-1010180",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-12449",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2019-3016",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-12654",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov/vuln/detail/cve-2019-12448",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2018-9251",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/security/cve/cve-2020-11008",
         },
         {
            trust: 0.1,
            url: "https://access.redhat.com/errata/rhsa-2020:2344",
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            db: "PACKETSTORM",
            id: "168830",
         },
         {
            db: "PACKETSTORM",
            id: "158805",
         },
         {
            db: "PACKETSTORM",
            id: "158844",
         },
         {
            db: "PACKETSTORM",
            id: "158899",
         },
         {
            db: "PACKETSTORM",
            id: "157921",
         },
         {
            db: "PACKETSTORM",
            id: "158900",
         },
         {
            db: "PACKETSTORM",
            id: "158130",
         },
         {
            db: "PACKETSTORM",
            id: "158637",
         },
         {
            db: "PACKETSTORM",
            id: "157889",
         },
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            db: "PACKETSTORM",
            id: "168830",
         },
         {
            db: "PACKETSTORM",
            id: "158805",
         },
         {
            db: "PACKETSTORM",
            id: "158844",
         },
         {
            db: "PACKETSTORM",
            id: "158899",
         },
         {
            db: "PACKETSTORM",
            id: "157921",
         },
         {
            db: "PACKETSTORM",
            id: "158900",
         },
         {
            db: "PACKETSTORM",
            id: "158130",
         },
         {
            db: "PACKETSTORM",
            id: "158637",
         },
         {
            db: "PACKETSTORM",
            id: "157889",
         },
         {
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2020-05-19T00:00:00",
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            date: "2020-06-05T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            date: "2020-05-28T19:12:00",
            db: "PACKETSTORM",
            id: "168830",
         },
         {
            date: "2020-08-10T14:26:57",
            db: "PACKETSTORM",
            id: "158805",
         },
         {
            date: "2020-08-12T15:54:40",
            db: "PACKETSTORM",
            id: "158844",
         },
         {
            date: "2020-08-18T16:16:40",
            db: "PACKETSTORM",
            id: "158899",
         },
         {
            date: "2020-06-03T15:55:41",
            db: "PACKETSTORM",
            id: "157921",
         },
         {
            date: "2020-08-18T16:18:47",
            db: "PACKETSTORM",
            id: "158900",
         },
         {
            date: "2020-06-17T21:44:50",
            db: "PACKETSTORM",
            id: "158130",
         },
         {
            date: "2020-07-29T00:06:36",
            db: "PACKETSTORM",
            id: "158637",
         },
         {
            date: "2020-06-01T16:50:28",
            db: "PACKETSTORM",
            id: "157889",
         },
         {
            date: "2020-05-19T14:15:11.877000",
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2020-10-20T00:00:00",
            db: "VULMON",
            id: "CVE-2020-8616",
         },
         {
            date: "2020-06-05T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
         {
            date: "2024-11-21T05:39:07.857000",
            db: "NVD",
            id: "CVE-2020-8616",
         },
      ],
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "XACK DNS Service operation interruption in  (DoS) Vulnerability",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2020-000036",
         },
      ],
      trust: 0.8,
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.