Download
| Alert*
oval:org.secpod.oval:def:113623
ldns is installed oval:org.secpod.oval:def:113622 ldns is a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. We also define a higher level API which allows a programmer to create or sign packets. oval:org.secpod.oval:def:3301009 SUSE Security Update: Security update for ldns oval:org.secpod.oval:def:89047576 This update for ldns fixes the following issues: - CVE-2020-19860: Fixed heap-based out of bounds read when verifying a zone file . - CVE-2020-19861: Fixed heap-based out of bounds read in ldns_nsec3_salt_data . oval:org.secpod.oval:def:1701296 When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload oval:org.secpod.oval:def:89050434 This update for ldns fixes the following issues: - CVE-2017-1000231: Fixed a buffer overflow during token parsing . - CVE-2017-1000232: Fixed a double-free vulnerability in str2host.c . oval:org.secpod.oval:def:114067 ldns is a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. We also define a higher level API which allows a programmer to create or sign packets. |