Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-1725)

The remote host is missing an update for the Huawei EulerOS 'bind' package(s) announced via the EulerOS-SA-2021-1725 advisory.

A flaw was found in bind when an asterisk character is present in an empty non-terminal location within the DNS graph. This flaw could trigger an assertion failure, causing bind to crash. The highest threat from this vulnerability is to system availability.(CVE-2020-8619) BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 - 9.11.27, 9.12.0 - 9.16.11, and versions BIND 9.11.3-S1 - 9.11.27-S1 and 9.16.8-S1 - 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 - 9.17.1 of the BIND 9.17 development branch(CVE-2020-8625)

'bind' package(s) on Huawei EulerOS Virtualization release 2.9.1.

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).