ALSA-2025:1670

[ALSA-2025:1670] Important: bind9.18 security update

Type:

security

Severity:

important

Release date:

2025-02-24

Description:

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly.  

Security Fix(es):  

  * bind: bind9: Many records in the additional section cause CPU exhaustion (CVE-2024-11187)
  * bind: bind9: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load (CVE-2024-12705)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	bind9.18-9.18.29-1.el9_5.1.aarch64.rpm	166aefa2e06f7e7877b9fefc25e063709639b04bac46e152e2d9e359e39ba78d
aarch64	bind9.18-utils-9.18.29-1.el9_5.1.aarch64.rpm	36e1ef48a574f6f13cb593163685824df6ff6a094f90faaecb9e530ecb16d6a9
aarch64	bind9.18-dnssec-utils-9.18.29-1.el9_5.1.aarch64.rpm	509454c71909b45f283363c52995a9ebcfaed7bf7b6b6859e0624f987331c915
aarch64	bind9.18-chroot-9.18.29-1.el9_5.1.aarch64.rpm	b003666fb34c70b1fd9e91291e163f443d006d933ff33891f6da3b7ae16d6750
aarch64	bind9.18-libs-9.18.29-1.el9_5.1.aarch64.rpm	b1000b4a61744e8971cd3067c9620b1ebd02b121f3144668acce557f7b17ae6f
aarch64	bind9.18-devel-9.18.29-1.el9_5.1.aarch64.rpm	ee03d1a4ecb6c022b99bf850e9817ec28c6f290f4c24396b5a3427fe7fff730f
i686	bind9.18-devel-9.18.29-1.el9_5.1.i686.rpm	e55d00af0263df5cf6cfeedac00525d9c0e2f0aa85c0799f8d81b61ad9aede05
i686	bind9.18-libs-9.18.29-1.el9_5.1.i686.rpm	e7b2c5c85f9f11b9f2b8e94d14025fb667f6be5ddbdc67997c1bed960f76f686
noarch	bind9.18-doc-9.18.29-1.el9_5.1.noarch.rpm	77c63238095876975f73c8eaaf24d184ac4b256cba65b144aebfaaff277235c2
ppc64le	bind9.18-devel-9.18.29-1.el9_5.1.ppc64le.rpm	040e3c9fdf8b1e3f7b7a2904c80cb0b100176b6384ab2338880a8bc8b0413804
ppc64le	bind9.18-dnssec-utils-9.18.29-1.el9_5.1.ppc64le.rpm	54d62b36188d202a0481e1c85488d254b626e9e9595490c4568f48073570d746
ppc64le	bind9.18-utils-9.18.29-1.el9_5.1.ppc64le.rpm	5f8ced617e6c4b0d9e4f6912c0c32cd588c628f781d332ee089264e0f81fa5fe
ppc64le	bind9.18-libs-9.18.29-1.el9_5.1.ppc64le.rpm	71efdfd8d18ad948d1825a9b8396fceceda8c22b4af8cb4d96065819b20a7e75
ppc64le	bind9.18-chroot-9.18.29-1.el9_5.1.ppc64le.rpm	ee677db74ec0a171d26e04d113b52f0052fbc8af13205b4dc68bcb2ac64ed301
ppc64le	bind9.18-9.18.29-1.el9_5.1.ppc64le.rpm	f53359d31988398e36bafe92baf94455e7b14744bc201844fb9ac6005c6ceb54
s390x	bind9.18-9.18.29-1.el9_5.1.s390x.rpm	07513e060ffd5b27272cf189fcafcac05f1deb0607bd3a09e6dcaae0a94c8b60
s390x	bind9.18-libs-9.18.29-1.el9_5.1.s390x.rpm	18ec345f9acbd07fcb45efec6a85052008f1911deda7f079617bb4607bee6200
s390x	bind9.18-devel-9.18.29-1.el9_5.1.s390x.rpm	54cb879e21320ce3195ac053652d317c670cfa77bdcdcd1c08e6ab585b4e1964
s390x	bind9.18-utils-9.18.29-1.el9_5.1.s390x.rpm	a53ccc8018511d40a7202609e1963a01236ad3780ed95befb45a4fb8fea635bc
s390x	bind9.18-dnssec-utils-9.18.29-1.el9_5.1.s390x.rpm	dfbb494e3512b7cdc759a5a1a6ba75094973871fc0f118472728f16aacb7c343
s390x	bind9.18-chroot-9.18.29-1.el9_5.1.s390x.rpm	e0834566c6866f03caf1563a89fdaddb68102d0764b118df0ed3d61a7f0ae5c1
x86_64	bind9.18-dnssec-utils-9.18.29-1.el9_5.1.x86_64.rpm	0f069f98728d8eeb59b4ca4c34519898c9fa26977a3342e936364d993d0bff21
x86_64	bind9.18-utils-9.18.29-1.el9_5.1.x86_64.rpm	119dd6db0cc041c66431407b56e05485520540362ce4bef2d1803cb15194bf45
x86_64	bind9.18-devel-9.18.29-1.el9_5.1.x86_64.rpm	503159595bdb7f23db0745b4827135a3bca3b202f62986db3162f3d7f54a8f76
x86_64	bind9.18-chroot-9.18.29-1.el9_5.1.x86_64.rpm	571ab37c1fe119a5ba7df3295c476cca37d4689a8f627e1324f5fc0dcc945900
x86_64	bind9.18-libs-9.18.29-1.el9_5.1.x86_64.rpm	c01de10e9c2abefc1bf55ade1cec292e43ab6632659c65c1a79d4d1e501302fe
x86_64	bind9.18-9.18.29-1.el9_5.1.x86_64.rpm	c9be248d08c036327892b2d3da254a03134c5395f3da5c5c2609c7a929f8c894

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.