Bug 238750 - dns/bind911: Vulnerability discovered in BIND CVE-2019-6471
Summary: dns/bind911: Vulnerability discovered in BIND CVE-2019-6471
Status: Closed Overcome By Events
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Mathieu Arnold
URL: https://kb.isc.org/docs/cve-2019-6471
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-21 16:09 UTC by Lefteris Tsintjelis
Modified: 2019-06-22 12:38 UTC (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Lefteris Tsintjelis 2019-06-21 16:09:17 UTC 
CATEGORY dns net ipv6
PORT bind911
MAINTAINER mat@FreeBSD.org

Please update port as vulnerability discovered in BIND could allow denial of service attacks. v9.11.8 seems to resolve the issue. 

CVE-2019-6471
Comment 1 Lefteris Tsintjelis 2019-06-21 20:58:12 UTC 
It actually affects just about all bind versions 9.11 and above.
Comment 2 Mathieu Arnold freebsd_committer freebsd_triage 2019-06-22 12:38:19 UTC 
The BIND9 ports were updated two days before this PR was opened.