SUSE-RU-2020:2915-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-RU-2020:2915-1

Related

Published

2020-10-13T15:33:50Z

Modified

2020-10-13T15:33:50Z

Summary

Recommended update for bind

Details

This update for bind fixes the following issues:

Bind was updated to version 9.11.22

Note:

bind is now more strict in regards to DNSSEC. If queries are not working, check for DNSSEC issues. For instance, if bind is used in a namserver forwarder chain, the forwarding DNS servers must support DNSSEC.

This upgrade also fixes the following security issues:

1. [security] 'update-policy' rules of type 'subdomain' were incorrectly treated as 'zonesub' rules, which allowed keys used in 'subdomain' rules to update names outside of the specified subdomains. The problem was fixed by making sure 'subdomain' rules are again processed as described in the ARM. (CVE-2020-8624 bsc#1175443)
1. [security] When BIND 9 was compiled with native PKCS#11 support, it was possible to trigger an assertion failure in code determining the number of bits in the PKCS#11 RSA public key with a specially crafted packet. (CVE-2020-8623 bsc#1175443)
1. [security] It was possible to trigger an assertion failure when verifying the response to a TSIG-signed request. (CVE-2020-8622 bsc#1175443)
Suppress warning message about missing file. (bsc#1092283, bsc#1127583, bsc#1094236, bsc#1173983) Added /etc/bind.keys to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named.

References

Affected packages

SUSE:OpenStack Cloud 9 / bind

Package

Name: bind
Purl: purl:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.11.22-3.22.1

Ecosystem specific

{
    "binaries": [
        {
            "bind-chrootenv": "9.11.22-3.22.1",
            "libbind9-161": "9.11.22-3.22.1",
            "bind-utils": "9.11.22-3.22.1",
            "python-bind": "9.11.22-3.22.1",
            "libisc1107-32bit": "9.11.22-3.22.1",
            "libisccc161": "9.11.22-3.22.1",
            "bind-doc": "9.11.22-3.22.1",
            "bind": "9.11.22-3.22.1",
            "libdns1110": "9.11.22-3.22.1",
            "libirs161": "9.11.22-3.22.1",
            "libisccfg163": "9.11.22-3.22.1",
            "liblwres161": "9.11.22-3.22.1",
            "libisc1107": "9.11.22-3.22.1"
        }
    ]
}

SUSE:OpenStack Cloud Crowbar 9 / bind

Package

Name: bind
Purl: purl:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.11.22-3.22.1

Ecosystem specific

{
    "binaries": [
        {
            "bind-chrootenv": "9.11.22-3.22.1",
            "libbind9-161": "9.11.22-3.22.1",
            "bind-utils": "9.11.22-3.22.1",
            "python-bind": "9.11.22-3.22.1",
            "libisc1107-32bit": "9.11.22-3.22.1",
            "libisccc161": "9.11.22-3.22.1",
            "bind-doc": "9.11.22-3.22.1",
            "bind": "9.11.22-3.22.1",
            "libdns1110": "9.11.22-3.22.1",
            "libirs161": "9.11.22-3.22.1",
            "libisccfg163": "9.11.22-3.22.1",
            "liblwres161": "9.11.22-3.22.1",
            "libisc1107": "9.11.22-3.22.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP4 / bind

Package

Name: bind
Purl: purl:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.11.22-3.22.1

Ecosystem specific

{
    "binaries": [
        {
            "bind-chrootenv": "9.11.22-3.22.1",
            "libbind9-161": "9.11.22-3.22.1",
            "bind-utils": "9.11.22-3.22.1",
            "python-bind": "9.11.22-3.22.1",
            "libisc1107-32bit": "9.11.22-3.22.1",
            "libisccc161": "9.11.22-3.22.1",
            "bind-doc": "9.11.22-3.22.1",
            "bind": "9.11.22-3.22.1",
            "libdns1110": "9.11.22-3.22.1",
            "libirs161": "9.11.22-3.22.1",
            "libisccfg163": "9.11.22-3.22.1",
            "liblwres161": "9.11.22-3.22.1",
            "libisc1107": "9.11.22-3.22.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / bind

Package

Name: bind
Purl: purl:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.11.22-3.22.1

Ecosystem specific

{
    "binaries": [
        {
            "bind-devel": "9.11.22-3.22.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP4-LTSS / bind

Package

Name: bind
Purl: purl:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.11.22-3.22.1

Ecosystem specific

{
    "binaries": [
        {
            "bind-chrootenv": "9.11.22-3.22.1",
            "libbind9-161": "9.11.22-3.22.1",
            "bind-utils": "9.11.22-3.22.1",
            "python-bind": "9.11.22-3.22.1",
            "libisc1107-32bit": "9.11.22-3.22.1",
            "libisccc161": "9.11.22-3.22.1",
            "bind-doc": "9.11.22-3.22.1",
            "bind": "9.11.22-3.22.1",
            "libdns1110": "9.11.22-3.22.1",
            "libirs161": "9.11.22-3.22.1",
            "libisccfg163": "9.11.22-3.22.1",
            "liblwres161": "9.11.22-3.22.1",
            "libisc1107": "9.11.22-3.22.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / bind

Package

Name: bind
Purl: purl:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.11.22-3.22.1

Ecosystem specific

{
    "binaries": [
        {
            "bind-chrootenv": "9.11.22-3.22.1",
            "libbind9-161": "9.11.22-3.22.1",
            "bind-utils": "9.11.22-3.22.1",
            "python-bind": "9.11.22-3.22.1",
            "libisc1107-32bit": "9.11.22-3.22.1",
            "libisccc161": "9.11.22-3.22.1",
            "bind-doc": "9.11.22-3.22.1",
            "bind": "9.11.22-3.22.1",
            "libdns1110": "9.11.22-3.22.1",
            "libirs161": "9.11.22-3.22.1",
            "libisccfg163": "9.11.22-3.22.1",
            "liblwres161": "9.11.22-3.22.1",
            "libisc1107": "9.11.22-3.22.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / bind

Package

Name: bind
Purl: purl:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.11.22-3.22.1

Ecosystem specific

{
    "binaries": [
        {
            "bind-chrootenv": "9.11.22-3.22.1",
            "libbind9-161": "9.11.22-3.22.1",
            "bind-utils": "9.11.22-3.22.1",
            "python-bind": "9.11.22-3.22.1",
            "libisc1107-32bit": "9.11.22-3.22.1",
            "libisccc161": "9.11.22-3.22.1",
            "bind-doc": "9.11.22-3.22.1",
            "bind": "9.11.22-3.22.1",
            "libdns1110": "9.11.22-3.22.1",
            "libirs161": "9.11.22-3.22.1",
            "libisccfg163": "9.11.22-3.22.1",
            "liblwres161": "9.11.22-3.22.1",
            "libisc1107": "9.11.22-3.22.1"
        }
    ]
}