[Buildroot] [PATCH] package/bind: security bump to version 9.11.36
Peter Korsgaard
peter at korsgaard.com
Sat Oct 30 17:35:53 UTC 2021
Fixes the following security issues:
- CVE-2021-25219: Lame cache can be abused to severely degrade resolver
performance
For details, see the advisory:
https://kb.isc.org/docs/cve-2021-25219
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/bind/bind.hash | 6 +++---
package/bind/bind.mk | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/bind/bind.hash b/package/bind/bind.hash
index 12b80149c5..70299f1677 100644
--- a/package/bind/bind.hash
+++ b/package/bind/bind.hash
@@ -1,4 +1,4 @@
-# Verified from https://ftp.isc.org/isc/bind9/9.11.35/bind-9.11.35.tar.gz.asc
-# with key E9AB6E79233C0416E8993F450C03AFA90A5967C4
-sha256 1c882705827b6aafa45d917ae3b20eccccc8d5df3c4477df44b04382e6c47562 bind-9.11.35.tar.gz
+# Verified from https://ftp.isc.org/isc/bind9/9.11.36/bind-9.11.36.tar.gz.asc
+# with key AADBBA5074F1402F7B69D56BC5B4EE931A9F9DFD
+sha256 c953fcb6703b395aaa53e65ff8b2869b69a5303dd60507cba2201305e1811681 bind-9.11.36.tar.gz
sha256 cad49daa42654bc241762cd998630168a2542c8fd6fad3881e2eac1510bb6fcd COPYRIGHT
diff --git a/package/bind/bind.mk b/package/bind/bind.mk
index 0d95da209c..ba32d6150a 100644
--- a/package/bind/bind.mk
+++ b/package/bind/bind.mk
@@ -4,7 +4,7 @@
#
################################################################################
-BIND_VERSION = 9.11.35
+BIND_VERSION = 9.11.36
BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION)
# bind does not support parallel builds.
BIND_MAKE = $(MAKE1)
--
2.20.1
More information about the buildroot
mailing list