[CLSA-2026:1782473390] bind: Fix of CVE-2025-8677
Type:
security
Severity:
Important
Release date:
2026-06-26 11:30:05 UTC
Description:
- CVE-2025-8677: fail DNSSEC validation on a matching but cryptographically invalid DNSKEY instead of skipping it, preventing CPU exhaustion from malformed DNSKEY records in a specially crafted zone
CVEs fixed:
Updated packages:
  • bind-9.16.23-31.el9_6.2.tuxcare.els4.x86_64.rpm
    sha:42518196a47b8d77bd704fda86d702c73430419c8ed905324f16dac300d0277d
  • bind-chroot-9.16.23-31.el9_6.2.tuxcare.els4.x86_64.rpm
    sha:3275a58224045ff452d2d29e7dcd0583d27367fc57a7dc43440fb17b7044d7e7
  • bind-devel-9.16.23-31.el9_6.2.tuxcare.els4.i686.rpm
    sha:43b050534ee34a7972d8d643e456d7249e9ab9b28b3cb5ea8dc6a3b49be7d92e
  • bind-devel-9.16.23-31.el9_6.2.tuxcare.els4.x86_64.rpm
    sha:41696b726e09c2f5894d2fd50bc7fb1ed936a075680ff7b91c6ad7ad0d94d2af
  • bind-dnssec-doc-9.16.23-31.el9_6.2.tuxcare.els4.noarch.rpm
    sha:4f0a39b74efde8dc0fcb1e7dbf431b7d1430cceeff9ac5b962a4089d52aefcea
  • bind-dnssec-utils-9.16.23-31.el9_6.2.tuxcare.els4.x86_64.rpm
    sha:27c14481917b89c37b6540ea534031aa037e91770d07f6fcf6107a0ebdf2ea79
  • bind-doc-9.16.23-31.el9_6.2.tuxcare.els4.noarch.rpm
    sha:18794d8c971ce8e23b54d5b21985ad78d4402555febe4521473d1628b846fe36
  • bind-libs-9.16.23-31.el9_6.2.tuxcare.els4.i686.rpm
    sha:656b2c4d9d4b78bae6c0b57603caf7495e2ceb85688e471a4fb75828458dadee
  • bind-libs-9.16.23-31.el9_6.2.tuxcare.els4.x86_64.rpm
    sha:1c27cca8ecbd674fa7cf5c7b4b46a5774d223150113af0bf5ca1fa468736f567
  • bind-license-9.16.23-31.el9_6.2.tuxcare.els4.noarch.rpm
    sha:e556cf287c6a5dd1b067321cec61e36296200f76f9422479745f3e1e0bb99f00
  • bind-utils-9.16.23-31.el9_6.2.tuxcare.els4.x86_64.rpm
    sha:2041f00808a53ae795e466c878a2ecabd6e51ab514acc6e8b42460e7837707d7
  • python3-bind-9.16.23-31.el9_6.2.tuxcare.els4.noarch.rpm
    sha:73887c15767273efd952e15c0b820eb8b30403cede70c1a6c57c6fae3057164e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.