26813 – bind new security issues CVE-2020-8618 and CVE-2020-8619

Bug 26813 - bind new security issues CVE-2020-8618 and CVE-2020-8619

Summary: bind new security issues CVE-2020-8618 and CVE-2020-8619

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: major
Target Milestone:	---
Assignee:	Guillaume Rousse
QA Contact:	Sec team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2020-06-18 17:04 CEST by David Walser
Modified:	2020-06-20 19:14 CEST (History)
CC List:	0 users

See Also:
Source RPM:	bind-9.11.19-2.mga8.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2020-06-18 17:04:21 CEST

ISC has issued an advisory on June 17:
https://kb.isc.org/docs/cve-2020-8619

The issue is fixed upstream in 9.11.20:
https://downloads.isc.org/isc/bind9/9.11.20/RELEASE-NOTES-bind-9.11.20.html

As long as the issue was introduced by one of the previous CVE patches, Mageia 7 is not affected.

David Walser 2020-06-18 17:04:34 CEST

Status comment: (none) => Fixed upstream in 9.11.20

Comment 1 David Walser 2020-06-18 18:05:41 CEST

Ubuntu has issued an advisory for this on June 17:
https://usn.ubuntu.com/4399-1/

Comment 2 David Walser 2020-06-20 19:14:13 CEST

bind-9.11.20-1.mga8 uploaded for Cauldron by Guillaume.

Status: NEW => RESOLVED
Status comment: Fixed upstream in 9.11.20 => (none)
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.