-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4529-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès April 13, 2026 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : bind9 Version : 1:9.16.50-1~deb11u5 CVE ID : CVE-2026-1519 BIND a popular name server (DNS) was affected by a vulnerability. If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries For Debian 11 bullseye, this problem has been fixed in version 1:9.16.50-1~deb11u5. We recommend that you upgrade your bind9 packages. For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmncoswACgkQADoaLapB CF/73RAAliMVsyuVW3M4vJRejYsYmnbkSKcpEZAwuOnuppaIleWw5nziLK9J9bOQ +YGE8gvs5AzY6KDngzGGzTsMZmFSmu4rrIbGtlUR4sDd0pO2+e9Bevp34sjbSbFw VDdTAW7CyXQAyVle2Mljrrga6uiVITzJH5dbjKuJ8ZJXBteFNygBrFknruIFGUUc 6HYf6/UUc3yYs49bAAtwBvdSt5tiWaA9s9IeZiAHY/ynNAPw3X7Mo95vM3CY3eB7 AOoqtJI5jxprT72hU54/RlfTK3xxe9Fv6u9Kw7XvXyyu2q6rjKdl/K5d2VWIsY0K 1ZDSimzW2ZEIx/MI0nHGO9XnA2XnsxbHolqUVYOkPj+VSlsYQ1JBND9PRNX0lefe /xU4P/2S45L9n+7QiHld37Z5y6U70yi9PNSrQ53xc9bAEUaQ26qLvzMEo/O9/Mqt ecX8hBmKP7vRSHGSgSIaNv3T3u/YVhuvjkTcmjasQQLueDXulRGrkOzp03wkkJin FiTgAoIObhrML9faMNkPZKkRPFCv67q7KW04RRVgbIWF3tB6U1pDYEbkcsbTfvng suMRjharC7/XaiwFOEpiaf71Vy/Astve3ZsIR5KSeU4wJjJZxBSVS5LTLob+MF2q 316CDCCbBOayMjZ0TFR6MLU37BiMP8ySSXAUgKtib/b1DbjO5x4= =s6kG -----END PGP SIGNATURE-----
