ELA-509-1 bind9 security update
Package bind9
ELA-509-1 bind9 security update
Version 1:9.9.5.dfsg-9+deb8u23
Related CVEs CVE-2021-25219
Kishore Kumar Kothapalli discovered that the lame server cache in BIND, a DNS server implementation, can be abused by an attacker to significantly degrade resolver performance, resulting in denial of service (large delays for responses for client queries and DNS timeouts on client hosts).
For Debian 8 jessie, these problems have been fixed in version 1:9.9.5.dfsg-9+deb8u23.
We recommend that you upgrade your bind9 packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
A bind9 security update has been released for Debian GNU/Linux 8 Extended LTS.