[Buildroot] [PATCH] package/bind: security bump to version 9.11.28

Peter Korsgaard peter at korsgaard.com
Mon Feb 22 13:35:46 UTC 2021


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issue:
 > - CVE-2020-8625: When tkey-gssapi-keytab or tkey-gssapi-credential was
 >   configured, a specially crafted GSS-TSIG query could cause a buffer
 >   overflow in the ISC implementation of SPNEGO (a protocol enabling
 >   negotiation of the security mechanism to use for GSSAPI authentication).
 >   This flaw could be exploited to crash named.  Theoretically, it also
 >   enabled remote code execution, but achieving the latter is very difficult
 >   in real-world conditions

 > For details, see the advisory:
 > https://kb.isc.org/docs/cve-2020-8625

 > In addition, 9.11.26-27 fixed a number of issues, see the release notes for
 > details:
 > https://downloads.isc.org/isc/bind9/9.11.28/RELEASE-NOTES-bind-9.11.28.html

 > Drop now upstreamed patches, update the GPG key for the 2021-2022 variant
 > and update the COPYRIGHT hash for a change of year:

 > -Copyright (C) 1996-2020  Internet Systems Consortium, Inc. ("ISC")
 > +Copyright (C) 1996-2021  Internet Systems Consortium, Inc. ("ISC")

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list