[Bug 277035] dns/bind918: Security vulnerabilities

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 13 Feb 2024 18:41:44 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277035

            Bug ID: 277035
           Summary: dns/bind918: Security vulnerabilities
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: mat@FreeBSD.org
          Reporter: cy@FreeBSD.org
                CC: portmgr@FreeBSD.org
             Flags: maintainer-feedback?(mat@FreeBSD.org)
          Assignee: mat@FreeBSD.org
             Flags: maintainer-feedback?, merge-quarterly?

Created attachment 248445
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=248445&action=edit
Update dns/bind918 to 9.18.24

Cybersecurity and Infrastructure Security Agency (CISA)

You are subscribed to Cybersecurity Advisories for Cybersecurity and
Infrastructure Security Agency. This information has recently been updated and
is now available.



ISC Releases Security Advisories for BIND 9 [
https://www.cisa.gov/news-events/alerts/2024/02/13/isc-releases-security-advisories-bind-9
] 02/13/2024 1:10 PM EST 

The Internet Systems Consortium (ISC) released security advisories to address
vulnerabilities affecting multiple versions of ISCs Berkeley Internet Name
Domain (BIND) 9. A cyber threat actor could exploit one of these
vulnerabilities to cause a denial-of-service condition.

CISA encourages users and administrators to review the following advisories and
apply the necessary updates:


  * CVE-2023-50868 [ https://kb.isc.org/docs/cve-2023-50868 ] 
  * CVE-2023-50387 [ https://kb.isc.org/docs/cve-2023-50387 ] 
  * CVE-2023-6516 [ https://kb.isc.org/docs/cve-2023-6516 ] 
  * CVE-2023-5680 [ https://kb.isc.org/docs/cve-2023-5680 ] 
  * CVE-2023-5679 [ https://kb.isc.org/docs/cve-2023-5679 ] 
  * CVE-2023-5517 [ https://kb.isc.org/docs/cve-2023-5517 ] 
  * CVE-2023-4408 [ https://kb.isc.org/docs/cve-2023-4408 ] 

This product is provided subject to this Notification [
https://www.cisa.gov/notification ] and this Privacy & Use [
https://www.cisa.gov/privacy-policy ] policy.

body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight:
normal; font-style: normal; color: #333333; } 

Having trouble viewing this message? View it as a webpage [
https://content.govdelivery.com/accounts/USDHSCISA/bulletins/38a5904 ].  [
https://content.govdelivery.com/accounts/USDHS/bulletins/292141e ]

You are subscribed to updates from the Cybersecurity and Infrastructure
Security Agency [ https://www.cisa.gov ] (CISA)
Manage Subscriptions [
https://public.govdelivery.com/accounts/USDHSCISA/subscriber/edit?preferences=true#tab1
]  |  Privacy Policy [ https://www.cisa.gov/privacy-policy ]  |  Help [
https://subscriberhelp.granicus.com/s/article/Subscriber-Help-Center ] [
https://insights.govdelivery.com/Communications/Subscriber_Help_Center ]

Connect with CISA: 
Facebook [ https://www.facebook.com/CISA ]  |  Twitter [
https://twitter.com/CISAgov ]  |  Instagram [ https://Instagram.com/cisagov ] 
|  LinkedIn [
https://www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency
]  |   YouTube [ https://www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A ]

-- 
You are receiving this mail because:
You are the assignee for the bug.