Unsubscribe

On Fri, May 17, 2024 at 11:35 PM Santiago Ruano Rincón <santi...@freexian.com> wrote:

> -------------------------------------------------------------------------
> Debian LTS Advisory DLA-3816-1                debian-lts@lists.debian.org
> https://www.debian.org/lts/security/                Santiago Ruano Rincón
> May 17, 2024                                  https://wiki.debian.org/LTS
> -------------------------------------------------------------------------
>
> Package        : bind9
> Version        : 1:9.11.5.P4+dfsg-5.1+deb10u11
> CVE ID         : CVE-2023-50387 CVE-2023-50868
> Debian Bug     :
>
> Two vulnerabilities were discovered in BIND, a DNS server implementation,
> which may result in denial of service.
>
> CVE-2023-50387
>
>     Certain DNSSEC aspects of the DNS protocol allow remote attackers to
>     cause a denial of service via DNSSEC queries. This is known as the
>     "KeyTrap" issue.
>
> CVE-2023-50868
>
>     The Closest Encloser Proof aspect of the DNS protocol allows remote
>     attackers to cause a denial of service via DNSSEC queries in a random
>     subdomain attack. This is known as the "NSEC3" issue.
>
> For Debian 10 buster, these problems have been fixed in version
> 1:9.11.5.P4+dfsg-5.1+deb10u11.
>
> We recommend that you upgrade your bind9 packages.
>
> For the detailed security status of bind9 please refer to
> its security tracker page at:
> https://security-tracker.debian.org/tracker/bind9
>
> Further information about Debian LTS security advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: https://wiki.debian.org/LTS
>

--
Regards,
Arjun Karangiya
Computer Engineer