Download
| Alert*
oval:org.secpod.oval:def:89044294
python3-bind is installed oval:org.secpod.oval:def:89044293 This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly . - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ... oval:org.secpod.oval:def:507742 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: processing large delegations may severely degrade resolver perform ... oval:org.secpod.oval:def:89050676 This update for bind fixes the following issues: Security issues fixed: - CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones . - CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupporte ... oval:org.secpod.oval:def:89050783 This update for bind fixes the following issues: Security issue fixed: - CVE-2019-6471: Fixed a reachable assert in dispatch.c. Non-security issue fixed: - bind will no longer rely on /etc/insserv.conf oval:org.secpod.oval:def:1506765 [32:9.11.36-8] - Correct regression preventing bind-dyndb-ldap build [32:9.11.36-7] - Prevent excessive resource use while processing large delegations. [32:9.11.36-6] - Prevent freeing zone during statistics rendering oval:org.secpod.oval:def:4501325 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: Broken inbound incremental zone update can cause named to termina ... oval:org.secpod.oval:def:1505265 [32:9.11.26-6] - Use random entropy to generate unique TKEY identifiers [32:9.11.26-5] - Fix possible assertion failure isc_refcount_current == 0 in free_rbtdb oval:org.secpod.oval:def:73627 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: An assertion check can fail while answering queries for DNAME reco ... oval:org.secpod.oval:def:4500013 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. For more details about the security issue, including the impact, a CVSS score, acknowled ... oval:org.secpod.oval:def:2500312 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. oval:org.secpod.oval:def:89047220 This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly . - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ... oval:org.secpod.oval:def:1504877 [32:9.11.26-4] - Possible assertion failure on DNAME processing oval:org.secpod.oval:def:3300313 SUSE Security Update: Security update for bind oval:org.secpod.oval:def:507637 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: processing large delegations may severely degrade resolver perform ... oval:org.secpod.oval:def:2501248 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. oval:org.secpod.oval:def:1506689 [32:9.16.23-11] - Correct backport issue in statistics rendering fix [32:9.16.23-10] - Handle subtle difference between upstream and rhel [32:9.16.23-9] - Prevent flooding with UPDATE requests - Handle RRSIG queries when server-stale is active - Fix crash when soft-quota is reached and serve-sta ... oval:org.secpod.oval:def:2600018 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. oval:org.secpod.oval:def:2500846 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. oval:org.secpod.oval:def:1505691 [32:9.11.36-2] - Reduce memory used per-view on machine with few processors [32:9.11.36-2] - Rebuilt on a new side-tag [32:9.11.36-1] - Update to 9.11.36 [32:9.11.26-9] - Correct tsig system test [32:9.11.26-8] - Propagate ephemeral port ranges to chroot [32:9.11.26-7] - Do not request softhsm fr ... oval:org.secpod.oval:def:1506189 [32:9.11.36-5] - Fix memory leak in ECDSA verify processing - Fix memory leak in EdDSA verify processing [32:9.11.36-4] - Tighten cache protection against record from forwarders - Include test of forwarders [32:9.11.36-2] - Reduce memory used per-view on machine with few processors [32:9.11.36-2 ... oval:org.secpod.oval:def:86359 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. The following packages have been upgraded to a later upstream version: bind . Security ... oval:org.secpod.oval:def:89047481 This update for bind fixes the following issues: - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance . oval:org.secpod.oval:def:2600101 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. oval:org.secpod.oval:def:507310 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: DNS forwarders - cache poisoning vulnerability For more details a ... oval:org.secpod.oval:def:5800054 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: DNS forwarders - cache poisoning vulnerability * bind: DoS from s ... oval:org.secpod.oval:def:89047759 This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations . - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ... oval:org.secpod.oval:def:89047632 This update for bind fixes the following issues: - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance . - CVE-2021-25220: Fixed potentially incorrect answers by cached forwarders . - CVE-2022-0396: Fixed a incorrect handling of TCP connection slots ti ... oval:org.secpod.oval:def:89047710 This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations . - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ... oval:org.secpod.oval:def:5800088 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: BIND 9 resolvers configured to answer from cache with zero stale-a ... oval:org.secpod.oval:def:19500084 A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote attacker to m ... oval:org.secpod.oval:def:87151 [32:9.16.23-5] - Fix possible serve-stale related crash - Fix memory leak in ECDSA verify processing - Fix memory leak in EdDSA verify processing [32:9.16.23-4] - Export bind-doc package [32:9.16.23-3] - Tighten cache protection against record from forwarders - Include test of forwarders [32:9. ... oval:org.secpod.oval:def:1506040 [32:9.16.23-1.1] - Fix possible serve-stale related crash - Fix memory leak in ECDSA verify processing - Fix memory leak in EdDSA verify processing oval:org.secpod.oval:def:507404 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: DNS forwarders - cache poisoning vulnerability * bind: DoS from s ... oval:org.secpod.oval:def:89047546 This update for bind fixes the following issues: - CVE-2021-25220: Fixed a DNS cache poisoning vulnerability due to loose caching rules . oval:org.secpod.oval:def:1506044 [32:9.11.36-3.1] - Fix memory leak in ECDSA verify processing - Fix memory leak in EdDSA verify processing oval:org.secpod.oval:def:89047784 This update for bind fixes the following issues: Update to release 9.16.33: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations . - CVE-2022-3080: Fixed assertion failure when there was a stale CNAME in the cache for the in ... oval:org.secpod.oval:def:19500094 By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. A flaw was found in the Bind package, where the resolver can crash when stale cache and stal ... oval:org.secpod.oval:def:2500813 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. oval:org.secpod.oval:def:86367 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: * bind: DNS forwarders - cache poisoning vulnerability For more details a ... oval:org.secpod.oval:def:3301274 SUSE Security Update: Security update for bind oval:org.secpod.oval:def:89049077 This update fixes the following issues: bind: * Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro * There are no source changes dracut-saltboot: * Update to version 0.1.1681904360.84ef141 * Load network configuration even when missing protocol version grafana: * ... oval:org.secpod.oval:def:19500419 The code that processes control channel messages sent to 'named' calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, ... oval:org.secpod.oval:def:89049821 This update for bind fixes the following issues: Security fixes: * CVE-2023-3341: Fixed stack exhaustion flaw in control channel code may cause named to terminate unexpectedly . Other fixes: * Add `dnstap` support oval:org.secpod.oval:def:89049587 This update for bind fixes the following issues: Update to release 9.16.44: * CVE-2023-3341: Fixed stack exhaustion flaw in control channel code may cause named to terminate unexpectedly . Update to release 9.16.43 * Processing already-queued queries received over TCP could cause an assertion failur ... oval:org.secpod.oval:def:89049100 This update for bind fixes the following issues: Update to release 9.16.42 Security Fixes: * The overmem cleaning process has been improved, to prevent the cache from significantly exceeding the configured max-cache-size limit. * A query that prioritizes stale data over lookup triggers a fetch to r ... oval:org.secpod.oval:def:89049583 This update for bind fixes the following issues: * CVE-2023-3341: Fixed stack exhaustion flaw in control channel code may cause named to terminate unexpectedly . oval:org.secpod.oval:def:89049418 This update for bind fixes the following issues: Update to release 9.16.44: * CVE-2023-3341: Fixed stack exhaustion flaw in control channel code may cause named to terminate unexpectedly . oval:org.secpod.oval:def:19500282 A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly. If the 'recursive-clients' ... oval:org.secpod.oval:def:1507050 [32:9.11.36-8.2] - stack exhaustion in control channel code may lead to DoS oval:org.secpod.oval:def:89048997 This update for bind fixes the following issues: Update to release 9.16.42 Security Fixes: * The overmem cleaning process has been improved, to prevent the cache from significantly exceeding the configured max-cache-size limit. * A query that prioritizes stale data over lookup triggers a fetch to r ... oval:org.secpod.oval:def:3302057 Security update for bind oval:org.secpod.oval:def:89049074 This update for bind fixes the following issues: * CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm . oval:org.secpod.oval:def:3301873 Security update for bind oval:org.secpod.oval:def:89051549 This update for bind fixes the following issues: * CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm . oval:org.secpod.oval:def:3302415 Security update for bind oval:org.secpod.oval:def:89051525 This update for bind fixes the following issues: Update to release 9.16.48: * CVE-2023-50387: Fixed a denial-of-service caused by DNS messages containing a lot of DNSSEC signatures . * CVE-2023-50868: Fixed a denial-of-service caused by NSEC3 closest encloser proof . * CVE-2023-4408: Fixed a denial- ... oval:org.secpod.oval:def:89051528 This update for bind fixes the following issues: Update to release 9.16.48: Feature Changes: * The IP addresses for B.ROOT-SERVERS.NET have been updated to 170.247.170.2 and 2801:1b8:10::b. Security Fixes: * Validating DNS messages containing a lot of DNSSEC signatures could cause excessive CPU load ... oval:org.secpod.oval:def:509265 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: bind: Preparing an NSEC3 closest encloser proof can exhaust CPU resources ... oval:org.secpod.oval:def:3302371 Security update for bind oval:org.secpod.oval:def:89051958 This update for bind fixes the following issues: * CVE-2023-4408: Fixed denial of service during DNS message parsing with different names * CVE-2023-50387: Fixed denial of service during DNS messages validation with DNSSEC signatures * CVE-2023-50868: Fixed denial of service during NSEC3 closest e ... oval:org.secpod.oval:def:89051976 This update for bind fixes the following issues: * CVE-2023-4408: Fixed denial of service during DNS message parsing with different names * CVE-2023-50387: Fixed denial of service during DNS messages validation with DNSSEC signatures * CVE-2023-50868: Fixed denial of service during NSEC3 closest e ... oval:org.secpod.oval:def:2600600 The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. |