1. 내용
- TSIG 유효성을 확인하는 코드의 논리 오류를 사용하여 tsig.c에서 어설션 실패를 트리거 할 수 있다.
2. 업데이트 방법
- yum update bind
3. 관련 패키지
bind-9.11.4-9.P2.el7_7.1.x86_64.rpm bind-chroot-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-debuginfo-9.11.4-9.P2.el7_7.1.i686.rpm
bind-debuginfo-9.11.4-9.P2.el7_7.1.i686.rpm
bind-debuginfo-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-debuginfo-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-devel-9.11.4-9.P2.el7_7.1.i686.rpm
bind-devel-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-export-devel-9.11.4-9.P2.el7_7.1.i686.rpm
bind-export-devel-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-export-libs-9.11.4-9.P2.el7_7.1.i686.rpm
bind-export-libs-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-libs-9.11.4-9.P2.el7_7.1.i686.rpm
bind-libs-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-libs-lite-9.11.4-9.P2.el7_7.1.i686.rpm
bind-libs-lite-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-license-9.11.4-9.P2.el7_7.1.noarch.rpm
bind-lite-devel-9.11.4-9.P2.el7_7.1.i686.rpm
bind-lite-devel-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-pkcs11-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-pkcs11-devel-9.11.4-9.P2.el7_7.1.i686.rpm
bind-pkcs11-devel-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-pkcs11-libs-9.11.4-9.P2.el7_7.1.i686.rpm
bind-pkcs11-libs-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-pkcs11-utils-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-sdb-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-sdb-chroot-9.11.4-9.P2.el7_7.1.x86_64.rpm
bind-utils-9.11.4-9.P2.el7_7.1.x86_64.rpm
4. CVE-ID
CVE-2020-8617
5. 참조
https://access.redhat.com/errata/RHSA-2020:2893