RHSA-2021:0671

Affecting bind-license package, versions <32:9.11.4-26.P2.el7_9.4

Report new vulnerabilities
high severity
Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to RHSA-2021:0671. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Remediation

Upgrade bind-license to version or higher.

References

CVE
RHSA-2021:0671
Snyk ID
SNYK-CENTOS7-BINDLICENSE-1081444
Published
03 Mar, 2021