{"schema_version":"1.7.2","id":"OESA-2025-2759","modified":"2025-11-28T12:51:28Z","published":"2025-11-28T12:51:28Z","upstream":["CVE-2025-40778"],"summary":"bind security update","details":"Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server.\r\n\r\nSecurity Fix(es):\n\nUnder certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache.\nThis issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.(CVE-2025-40778)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP4","name":"bind","purl":"pkg:rpm/openEuler/bind&distro=openEuler-20.03-LTS-SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.21-22.oe2003sp4"}]}],"ecosystem_specific":{"aarch64":["bind-9.11.21-22.oe2003sp4.aarch64.rpm","bind-chroot-9.11.21-22.oe2003sp4.aarch64.rpm","bind-debuginfo-9.11.21-22.oe2003sp4.aarch64.rpm","bind-debugsource-9.11.21-22.oe2003sp4.aarch64.rpm","bind-devel-9.11.21-22.oe2003sp4.aarch64.rpm","bind-export-devel-9.11.21-22.oe2003sp4.aarch64.rpm","bind-export-libs-9.11.21-22.oe2003sp4.aarch64.rpm","bind-libs-9.11.21-22.oe2003sp4.aarch64.rpm","bind-libs-lite-9.11.21-22.oe2003sp4.aarch64.rpm","bind-pkcs11-9.11.21-22.oe2003sp4.aarch64.rpm","bind-pkcs11-devel-9.11.21-22.oe2003sp4.aarch64.rpm","bind-utils-9.11.21-22.oe2003sp4.aarch64.rpm"],"noarch":["python3-bind-9.11.21-22.oe2003sp4.noarch.rpm"],"src":["bind-9.11.21-22.oe2003sp4.src.rpm"],"x86_64":["bind-9.11.21-22.oe2003sp4.x86_64.rpm","bind-chroot-9.11.21-22.oe2003sp4.x86_64.rpm","bind-debuginfo-9.11.21-22.oe2003sp4.x86_64.rpm","bind-debugsource-9.11.21-22.oe2003sp4.x86_64.rpm","bind-devel-9.11.21-22.oe2003sp4.x86_64.rpm","bind-export-devel-9.11.21-22.oe2003sp4.x86_64.rpm","bind-export-libs-9.11.21-22.oe2003sp4.x86_64.rpm","bind-libs-9.11.21-22.oe2003sp4.x86_64.rpm","bind-libs-lite-9.11.21-22.oe2003sp4.x86_64.rpm","bind-pkcs11-9.11.21-22.oe2003sp4.x86_64.rpm","bind-pkcs11-devel-9.11.21-22.oe2003sp4.x86_64.rpm","bind-utils-9.11.21-22.oe2003sp4.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2759"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-40778"}],"database_specific":{"severity":"High"}}