ELA-369-1 bind9 security update

buffer overflow vulnerability

2021-02-19
Packagebind9
Version1:9.9.5.dfsg-9+deb8u21
Related CVEs CVE-2020-8625

It was discovered that there was a buffer overflow attack in the bind9 DNS server caused by an issue in the GSSAPI (“Generic Security Services”) security policy negotiation.

For Debian 8 Jessie, these problems have been fixed in version 1:9.9.5.dfsg-9+deb8u21.

We recommend that you upgrade your bind9 packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/