| Revision Date: | 2019-10-01 | Version: | 1 |
| Title: | Security update for bind (Important) |
| Description: |
This update for bind fixes the following issues:
Security issues fixed:
- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069). - CVE-2019-6471: Fixed a reachable assert in dispatch.c. (bsc#1138687) - CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068). - CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185). - CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature (bsc#1104129).
Non-security issues fixed:
- Don't rely on /etc/insserv.conf anymore for proper dependencies against nss-lookup.target in named.service and lwresd.service (bsc#1118367, bsc#1118368). - Fix FIPS related regression (bsc#1128220).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1104129
1118367
1118368
1126068
1126069
1128220
1133185
1138687
CVE-2018-5740
CVE-2018-5743
CVE-2018-5745
CVE-2019-6465
CVE-2019-6471
SUSE-SU-2019:2502-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP4
| Product(s): | |
| Definition Synopsis |
| Release Information SUSE Linux Enterprise Desktop 12 SP4 is installed
OR SUSE Linux Enterprise Server 12 SP4 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
AND bind-devel-9.11.2-3.10.1 is installed
|