Bug 26813

Summary: bind new security issues CVE-2020-8618 and CVE-2020-8619
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: Guillaume Rousse <guillomovitch>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: major    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: bind-9.11.19-2.mga8.src.rpm CVE:
Status comment:

Description David Walser 2020-06-18 17:04:21 CEST 
ISC has issued an advisory on June 17:
https://kb.isc.org/docs/cve-2020-8619

The issue is fixed upstream in 9.11.20:
https://downloads.isc.org/isc/bind9/9.11.20/RELEASE-NOTES-bind-9.11.20.html

As long as the issue was introduced by one of the previous CVE patches, Mageia 7 is not affected.
David Walser 2020-06-18 17:04:34 CEST

Status comment: (none) => Fixed upstream in 9.11.20

Comment 1 David Walser 2020-06-18 18:05:41 CEST 
Ubuntu has issued an advisory for this on June 17:
https://usn.ubuntu.com/4399-1/
Comment 2 David Walser 2020-06-20 19:14:13 CEST 
bind-9.11.20-1.mga8 uploaded for Cauldron by Guillaume.

Status: NEW => RESOLVED
Status comment: Fixed upstream in 9.11.20 => (none)
Resolution: (none) => FIXED