Critical Vulnerability Information Disclosure Date: April 28, 2021 Vulnerability Details: 1. CVE-2021-25214: - Description: A corruption issue in Incremental Zone Transfer (IXFR) metadata updates may lead to unexpected termination. - Link: CVE-2021-25214 2. CVE-2021-25215: - Description: Assertion checks may fail when processing queries that require resolving their own DNAME records. - Link: CVE-2021-25215 3. CVE-2021-25216: - Description: A second vulnerability in BIND’s GSSAPI security policy negotiation may allow buffer overflow attacks. - Link: CVE-2021-25216 Affected Software and Versions: BIND 9.17.x using system SPNEGO since version 9.17.2. Remediation: New versions of BIND can be downloaded from here. System administrators and package maintainers applying patches selectively can find specific vulnerability patches in the “patches” subdirectory of the release directories for stable versions 9.11 and 9.16. Patches for 9.11.31 Patches for 9.16.15 Note: Patches for CVE-2021-25216 appear to be missing in some supported Alpine versions.