Bugzilla – Bug 1215471
VUL-0: CVE-2023-4236: bind: named may terminate unexpectedly under high DNS-over-TLS query load
Last modified: 2024-06-05 13:50:30 UTC
is public On 20 September 2023 we (Internet Systems Consortium) disclosed two vulnerabilities affecting our BIND 9 software: - CVE-2023-4236: named may terminate unexpectedly under high DNS-over-TLS query load https://kb.isc.org/docs/cve-2023-4236 New versions of BIND 9 are available from https://www.isc.org/downloads Operators and package maintainers who prefer to apply patches selectively can find individual vulnerability-specific patches in the "patches" subdirectory of each published release directory: - https://downloads.isc.org/isc/bind9/9.16.44/patches/ - https://downloads.isc.org/isc/bind9/9.18.19/patches/ - https://downloads.isc.org/isc/bind9/9.19.17/patches/ With the public announcement of these vulnerabilities, the embargo period is ended and any updated software packages that have been prepared may be released. -- Best regards, Michał Kępień
This is an autogenerated message for OBS integration: This bug (1215471) was mentioned in https://build.opensuse.org/request/show/1112571 Factory / bind
Submissions for all affected codestreams are accepted.
done, closing