rhsa-2021_0693
Vulnerability from csaf_redhat
Published
2021-03-03 12:09
Modified
2024-09-16 05:29
Summary
Red Hat Security Advisory: bind security update
Notes
Topic
An update for bind is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
* bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for bind is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.\n\nSecurity Fix(es):\n\n* bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0693",
"url": "https://access.redhat.com/errata/RHSA-2021:0693"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1928486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928486"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_0693.json"
}
],
"title": "Red Hat Security Advisory: bind security update",
"tracking": {
"current_release_date": "2024-09-16T05:29:00+00:00",
"generator": {
"date": "2024-09-16T05:29:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:0693",
"initial_release_date": "2021-03-03T12:09:36+00:00",
"revision_history": [
{
"date": "2021-03-03T12:09:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-03T12:09:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T05:29:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.3::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-32:9.9.4-50.el7_3.5.src",
"product": {
"name": "bind-32:9.9.4-50.el7_3.5.src",
"product_id": "bind-32:9.9.4-50.el7_3.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind@9.9.4-50.el7_3.5?arch=src\u0026epoch=32"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-chroot@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-libs@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-libs-lite@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-pkcs11@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-pkcs11-libs@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-pkcs11-utils@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-utils@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-debuginfo@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-devel@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-lite-devel@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-pkcs11-devel@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-sdb@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"product": {
"name": "bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"product_id": "bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-sdb-chroot@9.9.4-50.el7_3.5?arch=x86_64\u0026epoch=32"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-libs-32:9.9.4-50.el7_3.5.i686",
"product": {
"name": "bind-libs-32:9.9.4-50.el7_3.5.i686",
"product_id": "bind-libs-32:9.9.4-50.el7_3.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-libs@9.9.4-50.el7_3.5?arch=i686\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"product": {
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"product_id": "bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-libs-lite@9.9.4-50.el7_3.5?arch=i686\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"product": {
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"product_id": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-pkcs11-libs@9.9.4-50.el7_3.5?arch=i686\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"product": {
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"product_id": "bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-debuginfo@9.9.4-50.el7_3.5?arch=i686\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-devel-32:9.9.4-50.el7_3.5.i686",
"product": {
"name": "bind-devel-32:9.9.4-50.el7_3.5.i686",
"product_id": "bind-devel-32:9.9.4-50.el7_3.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-devel@9.9.4-50.el7_3.5?arch=i686\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"product": {
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"product_id": "bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-lite-devel@9.9.4-50.el7_3.5?arch=i686\u0026epoch=32"
}
}
},
{
"category": "product_version",
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"product": {
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"product_id": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-pkcs11-devel@9.9.4-50.el7_3.5?arch=i686\u0026epoch=32"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-license-32:9.9.4-50.el7_3.5.noarch",
"product": {
"name": "bind-license-32:9.9.4-50.el7_3.5.noarch",
"product_id": "bind-license-32:9.9.4-50.el7_3.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-license@9.9.4-50.el7_3.5?arch=noarch\u0026epoch=32"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-32:9.9.4-50.el7_3.5.src as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src"
},
"product_reference": "bind-32:9.9.4-50.el7_3.5.src",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chroot-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-devel-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-libs-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-license-32:9.9.4-50.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch"
},
"product_reference": "bind-license-32:9.9.4-50.el7_3.5.noarch",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-sdb-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 7.3)",
"product_id": "7Server-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-32:9.9.4-50.el7_3.5.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src"
},
"product_reference": "bind-32:9.9.4-50.el7_3.5.src",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chroot-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-devel-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-libs-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-license-32:9.9.4-50.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch"
},
"product_reference": "bind-license-32:9.9.4-50.el7_3.5.noarch",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686"
},
"product_reference": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-sdb-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-32:9.9.4-50.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 7.3)",
"product_id": "7Server-optional-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64"
},
"product_reference": "bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"ISC"
]
},
{
"names": [
"Trend Micro Zero Day Initiative"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8625",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2021-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1928486"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was found in the SPNEGO implementation used by BIND. This flaw allows a remote attacker to cause the named process to crash or possibly perform remote code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "BIND servers shipped with Red Hat Enterprise Linux are compiled with GSS-TSIG and are therefore affected by this flaw. However, these BIND packages use the default settings and are not vulnerable by default.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8625"
},
{
"category": "external",
"summary": "RHBZ#1928486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928486"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8625",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8625"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8625",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8625"
},
{
"category": "external",
"summary": "https://kb.isc.org/docs/cve-2020-8625",
"url": "https://kb.isc.org/docs/cve-2020-8625"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted automatically.",
"product_ids": [
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0693"
},
{
"category": "workaround",
"details": "As per upstream:\n\nBIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features.\n\nIn a configuration which uses BIND\u0027s default settings, the vulnerable code path is NOT exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options.\n\nAlthough the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers.\n\nThis vulnerability only affects servers configured to use GSS-TSIG, most often to sign dynamic updates. If another mechanism can be used to authenticate updates, the vulnerability can be avoided by choosing not to enable the use of GSS-TSIG features.",
"product_ids": [
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.src",
"7Server-optional-7.3.AUS:bind-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-debuginfo-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-libs-lite-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-license-32:9.9.4-50.el7_3.5.noarch",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-lite-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-devel-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.i686",
"7Server-optional-7.3.AUS:bind-pkcs11-libs-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-pkcs11-utils-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-sdb-chroot-32:9.9.4-50.el7_3.5.x86_64",
"7Server-optional-7.3.AUS:bind-utils-32:9.9.4-50.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation"
}
]
}
Loading...