<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
Comparto.<br>
<br>
Saludos.<br>
HM<br>
<div class="moz-forward-container"><br>
<br>
-------- Forwarded Message --------
<table class="moz-email-headers-table" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Subject:
</th>
<td>[lacnog] Fwd: 4 vulnerabiidades en Bind 9 y sus patches.</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date: </th>
<td>Thu, 17 Mar 2022 08:37:48 -0300</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">From: </th>
<td>Graciela Martinez <a class="moz-txt-link-rfc2396E" href="mailto:gmartinez@lacnic.net"><gmartinez@lacnic.net></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Reply-To:
</th>
<td>Latin America and Caribbean Region Network Operators
Group <a class="moz-txt-link-rfc2396E" href="mailto:lacnog@lacnic.net"><lacnog@lacnic.net></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">To: </th>
<td>Latin America and Caribbean Region Network Operators
Group <a class="moz-txt-link-rfc2396E" href="mailto:lacnog@lacnic.net"><lacnog@lacnic.net></a></td>
</tr>
</tbody>
</table>
<br>
<br>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
Buen día,<br>
<div class="moz-forward-container">
<p>Les comparto esta información por si es de vuestro interés.<br>
</p>
<p>Se divulagron 4 vulnerabilidades en BIND 9 <br>
<br>
CVE-2021-25220: DNS forwarders - cache poisoning
vulnerability <br>
<a class="moz-txt-link-freetext"
href="https://kb.isc.org/docs/CVE-2021-25220"
moz-do-not-send="true">https://kb.isc.org/docs/CVE-2021-25220</a>
<br>
<br>
CVE-2022-0396: DoS from specifically crafted TCP packets <br>
<a class="moz-txt-link-freetext"
href="https://kb.isc.org/docs/cve-2022-0396"
moz-do-not-send="true">https://kb.isc.org/docs/cve-2022-0396</a>
<br>
<br>
CVE-2022-0635: DNAME insist with synth-from-dnssec enabled <br>
<a class="moz-txt-link-freetext"
href="https://kb.isc.org/docs/cve-2022-0635"
moz-do-not-send="true">https://kb.isc.org/docs/cve-2022-0635</a>
<br>
<br>
CVE-2022-0667: Assertion failure on delayed DS lookup <br>
<a class="moz-txt-link-freetext"
href="https://kb.isc.org/docs/cve-2022-0667"
moz-do-not-send="true">https://kb.isc.org/docs/cve-2022-0667</a>
<br>
<br>
Las nuevas versiones están disponibles en <a
class="moz-txt-link-freetext"
href="https://www.isc.org/downloads" moz-do-not-send="true">https://www.isc.org/downloads</a>
<br>
</p>
<p>Para los 3 releases estables 9.11. 9.16 y 9.18 los patches se
pueden acceder acá:<br>
<br>
<a class="moz-txt-link-freetext"
href="https://downloads.isc.org/isc/bind9/9.11.37/patches/"
moz-do-not-send="true">https://downloads.isc.org/isc/bind9/9.11.37/patches/</a>
<br>
<a class="moz-txt-link-freetext"
href="https://downloads.isc.org/isc/bind9/9.16.27/patches/"
moz-do-not-send="true">https://downloads.isc.org/isc/bind9/9.16.27/patches/</a>
<br>
<a class="moz-txt-link-freetext"
href="https://downloads.isc.org/isc/bind9/9.18.1/patches/"
moz-do-not-send="true">https://downloads.isc.org/isc/bind9/9.18.1/patches/</a></p>
<div class="moz-signature">Gracias por su atención.</div>
<div class="moz-signature"><br>
</div>
<div class="moz-signature">Saludos,<br>
<h3 style="color:#009DCA;">Ing. Graciela Martínez Giordano</h3>
<p style="color:#8A8B8A;"><strong>Líder de LACNIC CSIRT</strong><br>
Head of LACNIC CSIRT</p>
<p style="color:#8A8B8A;"><em>LACNIC - <a
href="http://www.lacnic.net" moz-do-not-send="true">www.lacnic.net</a><br>
Latin American and Caribbean Internet Addresses Registry</em></p>
</div>
</div>
</div>
</body>
</html>