The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. The following packages have been upgraded to a later upstream version: bind . Security Fix: * bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c * bind: truncated TSIG response can lead to an assertion failure * bind: remotely triggerable assertion failure in pk11.c * bind: incorrect enforcement of update-policy rules of type quot;subdomainquot; For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the CentOS 8.3 Release Notes linked from the References section.