libbind9.so is vulnerable to authorization bypass. A malicious user can trigger a TSIG authentication error to cause an unauthorized DNS zone transfer or other DNS transactions. This vulnerability only applies to DNS servers using bind that have no-address based ACL in place.
www.securityfocus.com/bid/99337
www.securitytracker.com/id/1038809
access.redhat.com/errata/RHSA-2017:1679
access.redhat.com/errata/RHSA-2017:1680
bugzilla.redhat.com/show_bug.cgi?id=1466193
h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us
kb.isc.org/article/AA-01503
kb.isc.org/docs/aa-01503
security.netapp.com/advisory/ntap-20190830-0003/
source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=581c1526ab
www.debian.org/security/2017/dsa-3904