Debian 10220 Published by

A bind9 security update has been released for Debian GNU/Linux 8 Extended LTS.



ELA-509-1 bind9 security update

Package bind9
Version 1:9.9.5.dfsg-9+deb8u23
Related CVEs CVE-2021-25219

Kishore Kumar Kothapalli discovered that the lame server cache in BIND, a DNS server implementation, can be abused by an attacker to significantly degrade resolver performance, resulting in denial of service (large delays for responses for client queries and DNS timeouts on client hosts).

For Debian 8 jessie, these problems have been fixed in version 1:9.9.5.dfsg-9+deb8u23.

We recommend that you upgrade your bind9 packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-509-1 bind9 security update