[Git][security-tracker-team/security-tracker][master] Add initial tracking for bind9 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06e19f58 by Salvatore Bonaccorso at 2026-03-25T20:46:27+01:00
Add initial tracking for bind9 issues

for a subset of CVEs versions older than 9.18.y upstream will not be
affected; will be pinpointed in a second iteration.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2026-1519 [Excessive NSEC3 iterations cause high CPU load during insecure delegation validation]
+	- bind9 <unfixed>
+	NOTE: https://kb.isc.org/docs/cve-2026-1519
+CVE-2026-3104 [Memory leak in code preparing DNSSEC proofs of non-existence]
+	- bind9 <unfixed>
+	NOTE: https://kb.isc.org/docs/cve-2026-3104
+CVE-2026-3119 [Authenticated query containing a TKEY record may cause named to terminate unexpectedly]
+	- bind9 <unfixed>
+	NOTE: https://kb.isc.org/docs/cve-2026-3119
+CVE-2026-3591 [A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass]
+	- bind9 <unfixed>
+	NOTE: https://kb.isc.org/docs/cve-2026-3591
 CVE-2026-3608
 	- isc-kea 3.0.3-1
 	NOTE: https://kb.isc.org/docs/cve-2026-3608



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06e19f58c7970356b370676f9522dd0fd88d2571

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06e19f58c7970356b370676f9522dd0fd88d2571
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260325/3a13caa5/attachment.htm>