Oval Definition:oval:org.opensuse.security:def:60993
Revision Date:2020-12-01Version:1
Title:Security update for bind (Important)
Description:

This update for bind fixes the following issues:

- Amended documentation referring to rule types 'krb5-subdomain' and 'ms-subdomain'. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. [CVE-2018-5741] - Further limit the number of queries that can be triggered from a request. Root and TLD servers are no longer exempt from max-recursion-queries. Fetches for missing name server address records are limited to 4 for any domain. [CVE-2020-8616] - Replaying a TSIG BADTIME response as a request could trigger an assertion failure. [CVE-2020-8617] [bsc#1109160, bsc#1171740, CVE-2018-5741, bind-CVE-2018-5741.patch, CVE-2020-8616, bind-CVE-2020-8616.patch, CVE-2020-8617, bind-CVE-2020-8617.patch]

- Don't rely on /etc/insserv.conf anymore for proper dependencies against nss-lookup.target in named.service and lwresd.service (bsc#1118367 bsc#1118368) - Using a drop-in file
Family:unixClass:patch
Status:Reference(s):1004995
1017690
1029102
1029516
1032029
1033238
1036873
1037120
1038865
1040153
1040258
1040614
1040942
1040968
1043758
1043900
1045290
1046750
1058058
1069213
1092100
1098545
1098546
1109160
1110746
1110747
1111069
1111072
1112758
1118367
1118368
1122293
1122299
1128503
1129346
1131886
1132728
1132729
1132732
1134297
1144902
1160467
1160468
1165787
1171740
1175664
1175665
1175671
1178171
1178682
945190
960341
969783
982303
983436
986216
CVE-2014-3577
CVE-2014-8128
CVE-2015-5262
CVE-2015-7554
CVE-2016-10095
CVE-2016-5318
CVE-2017-13058
CVE-2017-16232
CVE-2017-9217
CVE-2017-9445
CVE-2017-9798
CVE-2018-11212
CVE-2018-1122
CVE-2018-1123
CVE-2018-1124
CVE-2018-1125
CVE-2018-1126
CVE-2018-12181
CVE-2018-12599
CVE-2018-12600
CVE-2018-16839
CVE-2018-17965
CVE-2018-17966
CVE-2018-18016
CVE-2018-18024
CVE-2018-5741
CVE-2019-10218
CVE-2019-14896
CVE-2019-14897
CVE-2019-2422
CVE-2019-2426
CVE-2019-2602
CVE-2019-2684
CVE-2019-2698
CVE-2019-9636
CVE-2020-10188
CVE-2020-15810
CVE-2020-15811
CVE-2020-24606
CVE-2020-25708
CVE-2020-8616
CVE-2020-8617
SUSE-SU-2017:2031-1
SUSE-SU-2017:2542-1
SUSE-SU-2018:0073-1
SUSE-SU-2018:1836-1
SUSE-SU-2018:3191-1
SUSE-SU-2019:2890-1
SUSE-SU-2020:1533-1
SUSE-SU-2020:1914-1
SUSE-SU-2020:2471-1
SUSE-SU-2020:3149-1
SUSE-SU-2020:3550-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.1 NonFree
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • python-Twisted-17.9.0-lp151.3.6 is installed
  • OR python-Twisted-doc-17.9.0-lp151.3.6 is installed
  • OR python2-Twisted-17.9.0-lp151.3.6 is installed
  • OR python3-Twisted-17.9.0-lp151.3.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 NonFree is installed
  • AND opera-67.0.3575.97-lp151.2.12 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND perl-YAML-LibYAML-0.69-lp152.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libsystemd0-228-150.9 is installed
  • OR libsystemd0-32bit-228-150.9 is installed
  • OR libudev1-228-150.9 is installed
  • OR libudev1-32bit-228-150.9 is installed
  • OR systemd-228-150.9 is installed
  • OR systemd-32bit-228-150.9 is installed
  • OR systemd-bash-completion-228-150.9 is installed
  • OR systemd-sysvinit-228-150.9 is installed
  • OR udev-228-150.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_107-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • krb5-appl-1.0.3-3.3 is installed
  • OR krb5-appl-clients-1.0.3-3.3 is installed
  • OR krb5-appl-servers-1.0.3-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cups-1.7.5-20.17 is installed
  • OR cups-client-1.7.5-20.17 is installed
  • OR cups-libs-1.7.5-20.17 is installed
  • OR cups-libs-32bit-1.7.5-20.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • xorg-x11-server-1.19.6-4.11 is installed
  • OR xorg-x11-server-extra-1.19.6-4.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • MozillaFirefox-78.2.0-112.19 is installed
  • OR MozillaFirefox-devel-78.2.0-112.19 is installed
  • OR MozillaFirefox-translations-common-78.2.0-112.19 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • bind-9.9.9P1-63.17 is installed
  • OR bind-chrootenv-9.9.9P1-63.17 is installed
  • OR bind-doc-9.9.9P1-63.17 is installed
  • OR bind-libs-9.9.9P1-63.17 is installed
  • OR bind-libs-32bit-9.9.9P1-63.17 is installed
  • OR bind-utils-9.9.9P1-63.17 is installed
    • BACK