Bugzilla – Bug 1153994
VUL-0: CVE-2019-6476: bind: enabled QNAME minimization can crash named
Last modified: 2019-11-20 16:12:36 UTC
is public now
Today (2019-10-16) ISC announced two vulnerabilities in our BIND 9 software.
CVE-2019-6475, a DNSSEC validation bypass for mirror zones
CVE-2019-6476, a flaw in QNAME minimization that can lead to
an assertion failure.
These issues affect all prior BIND 9.14 releases and all prior BIND 9.15
Our full CVE text can be found at:
New releases of BIND, including security fixes for this vulnerability,
are available at: www.isc.org/downloads/
Release notes for the new versions can be obtained using the following
Acting Security Officer
Issue does not affect SUSE or openSUSE.