ELSA-2024-5231

ULN >
Oracle Linux Errata repository >
ELSA-2024-5231

ELSA-2024-5231 - bind and bind-dyndb-ldap security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-08-13

Description

bind
[9.16.23-18.0.1.6]
- Fix warning when changing device file permissions [Orabug: 36518580]

[32:9.16.23-18.6]
- Minor fix of reclimit test backport (CVE-2024-1737)

[32:9.16.23-18.5]
- Backport addition of max-records-per-type and max-records-per-type options

[32:9.16.23-18.2]
- Resolve CVE-2024-1975
- Resolve CVE-2024-1737
- Resolve CVE-2024-4076
- Add ability to change runtime limits for max types and records per name

[32:9.16.23-18.1]
- Rebuild with correct z-stream tag again

[32:9.16.23-18]
- Prevent crashing at masterformat system test (CVE-2023-6516)

[32:9.16.23-17]
- Import tests for large DNS messages fix
- Add downstream change complementing CVE-2023-50387

[32:9.16.23-16]
- Prevent increased CPU load on large DNS messages (CVE-2023-4408)
- Prevent assertion failure when nxdomain-redirect is used with
RFC 1918 reverse zones (CVE-2023-5517)
- Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679)
- Specific recursive query patterns may lead to an out-of-memory
condition (CVE-2023-6516)
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)

[32:9.16.23-15]
- Update addresses of b.root-servers.net (RHEL-18188)

[32:9.16.23-14]
- Limit the amount of recursion possible in control channel (CVE-2023-3341)

[32:9.16.23-13]
- Prevent possible endless loop when refreshing stale data (CVE-2023-2911)

[32:9.16.23-12]
- Strengten cache cleaning to prevent overflowing configured limit
(CVE-2023-2828)

[32:9.16.23-11]
- Correct backport issue in statistics rendering fix (#2126912)

[32:9.16.23-10]
- Handle subtle difference between upstream and rhel (CVE-2022-3094)

[32:9.16.23-9]
- Prevent flooding with UPDATE requests (CVE-2022-3094)
- Handle RRSIG queries when server-stale is active (CVE-2022-3736)
- Fix crash when soft-quota is reached and serve-stale is active (CVE-2022-3924)

[32:9.16.23-8]
- Correct regression preventing bind-dyndb-ldap build (#2162795)

[32:9.16.23-7]
- Prevent freeing zone during statistics rendering (#2101712)

[32:9.16.23-6]
- Bound the amount of work performed for delegations (CVE-2022-2795)
- Add /usr/lib64/named to bind-chroot (#2129466)

[32:9.16.23-5]
- Fix possible serve-stale related crash (CVE-2022-3080)
- Fix memory leak in ECDSA verify processing (CVE-2022-38177)
- Fix memory leak in EdDSA verify processing (CVE-2022-38178)

bind-dyndb-ldap
[11.9-10]
- Rebuilt for BIND CVE-2024-1737 fixes (CVE-2024-1737)

Related CVEs

CVE-2024-4076

CVE-2024-1737

CVE-2024-1975

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	bind-9.16.23-18.0.1.el9_4.6.src.rpm	2fa686f120279b4133138b8a6af07e8bc6b8822a7088550e2e82a2497dacec7a	-	ol9_aarch64_appstream
	bind-9.16.23-18.0.1.el9_4.6.src.rpm	2fa686f120279b4133138b8a6af07e8bc6b8822a7088550e2e82a2497dacec7a	-	ol9_aarch64_codeready_builder
	bind-dyndb-ldap-11.9-10.el9_4.src.rpm	936f43683eff688336f73c5971d0266472358d6e740266f7c6baa51440fe4672	-	ol9_aarch64_appstream
	bind-9.16.23-18.0.1.el9_4.6.aarch64.rpm	81d56514a94bcbc5006be660c60ac75691cf3196d438518f612a86f4327d0de0	-	ol9_aarch64_appstream
	bind-chroot-9.16.23-18.0.1.el9_4.6.aarch64.rpm	b3259e2d62deb557b75712de4cb07667cf998ce2e14039ff6244d3d2284635c7	-	ol9_aarch64_appstream
	bind-devel-9.16.23-18.0.1.el9_4.6.aarch64.rpm	5f64a5b2b0dc2c7de26126bc027ed96872c85f500427947a1965c92f2b0a6333	-	ol9_aarch64_codeready_builder
	bind-dnssec-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm	3fc6a8ac1e2f143abcf3b0107652d064a65bb3bee930ad3bc78531c5c0c73056	-	ol9_aarch64_appstream
	bind-dnssec-utils-9.16.23-18.0.1.el9_4.6.aarch64.rpm	d1562ab9671a42adad76fe085c4657ae31ca03a4331aa2093c8254167d841cae	-	ol9_aarch64_appstream
	bind-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm	ee53709afce5270e603d36027b4a98b665d53161ed06c2f43c91f706e9074b18	-	ol9_aarch64_codeready_builder
	bind-dyndb-ldap-11.9-10.el9_4.aarch64.rpm	b77b155898a092822fee600c14377e9858abc8911ba28ba71048c51c7d386fb8	-	ol9_aarch64_appstream
	bind-libs-9.16.23-18.0.1.el9_4.6.aarch64.rpm	7acbbdf1d72d8217a083ffe7b5ea9384504389f56aee5c37e79ef0a9eaec10f0	-	ol9_aarch64_appstream
	bind-license-9.16.23-18.0.1.el9_4.6.noarch.rpm	0d6caf36446ff341d65d89a2f433e6c105827508d4e8e679368ed4e7dff8e44f	-	ol9_aarch64_appstream
	bind-utils-9.16.23-18.0.1.el9_4.6.aarch64.rpm	bc9e74921cd9919f2a387770e8b4ded78bf4ec733e35379e922c2bf22a824a18	-	ol9_aarch64_appstream
	python3-bind-9.16.23-18.0.1.el9_4.6.noarch.rpm	926f2adfdf87fcf98707d6f2cac32ed3250fbf836d4f32c5a7802a7202a45c7b	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	bind-9.16.23-18.0.1.el9_4.6.src.rpm	2fa686f120279b4133138b8a6af07e8bc6b8822a7088550e2e82a2497dacec7a	-	ol9_x86_64_appstream
	bind-9.16.23-18.0.1.el9_4.6.src.rpm	2fa686f120279b4133138b8a6af07e8bc6b8822a7088550e2e82a2497dacec7a	-	ol9_x86_64_codeready_builder
	bind-dyndb-ldap-11.9-10.el9_4.src.rpm	936f43683eff688336f73c5971d0266472358d6e740266f7c6baa51440fe4672	-	ol9_x86_64_appstream
	bind-9.16.23-18.0.1.el9_4.6.x86_64.rpm	ffb443954e7011a7640a2f3e8839158a28310761bd28d4b4b390b8fc2d6ad410	-	ol9_x86_64_appstream
	bind-chroot-9.16.23-18.0.1.el9_4.6.x86_64.rpm	229915034ceff1ed0d7bffa6ace7b9dd84c76599cf696014392e2dadcfd9eba4	-	ol9_x86_64_appstream
	bind-devel-9.16.23-18.0.1.el9_4.6.i686.rpm	a1a72b3cc76481288591b7520922947d51a9343df1190fc20f84e80a3b8c9b9a	-	ol9_x86_64_codeready_builder
	bind-devel-9.16.23-18.0.1.el9_4.6.x86_64.rpm	5521013ff3614128846b43b8dd6806e98bc85fefba7d282571aa72a48d546723	-	ol9_x86_64_codeready_builder
	bind-dnssec-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm	3fc6a8ac1e2f143abcf3b0107652d064a65bb3bee930ad3bc78531c5c0c73056	-	ol9_x86_64_appstream
	bind-dnssec-utils-9.16.23-18.0.1.el9_4.6.x86_64.rpm	d59863b991d35c3076f5653f26fa21a6ee0e1f66e0afb5c373a182c2583917fb	-	ol9_x86_64_appstream
	bind-doc-9.16.23-18.0.1.el9_4.6.noarch.rpm	ee53709afce5270e603d36027b4a98b665d53161ed06c2f43c91f706e9074b18	-	ol9_x86_64_codeready_builder
	bind-dyndb-ldap-11.9-10.el9_4.x86_64.rpm	3fcfd2ca5bf2c3a7b563ba3569bb2b1b03fc6da85ee56131b4758c7f4127584c	-	ol9_x86_64_appstream
	bind-libs-9.16.23-18.0.1.el9_4.6.i686.rpm	aff5c395e205d020b912dc93bf018608cd285ea44efd64c054b0ed4b13095d61	-	ol9_x86_64_codeready_builder
	bind-libs-9.16.23-18.0.1.el9_4.6.x86_64.rpm	9e56234bfa2fdb7975000d5d2e96437250464dfc5ae970a5e5725105c73c16a6	-	ol9_x86_64_appstream
	bind-license-9.16.23-18.0.1.el9_4.6.noarch.rpm	0d6caf36446ff341d65d89a2f433e6c105827508d4e8e679368ed4e7dff8e44f	-	ol9_x86_64_appstream
	bind-utils-9.16.23-18.0.1.el9_4.6.x86_64.rpm	8d8fec81c2748051f20a9c222a9af1ffbe1db0d7670b14e0580763337323edf2	-	ol9_x86_64_appstream
	python3-bind-9.16.23-18.0.1.el9_4.6.noarch.rpm	926f2adfdf87fcf98707d6f2cac32ed3250fbf836d4f32c5a7802a7202a45c7b	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691