SUSE-RU-2020:2915-1
- Source
- https://www.suse.com/support/update/announcement/2020/suse-ru-20202915-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-RU-2020:2915-1
- Upstream
- Related
- Published
- 2020-10-13T15:33:50Z
- Modified
- 2025-05-02T04:10:25.471565Z
- Summary
- Recommended update for bind
- Details
-
This update for bind fixes the following issues:
Bind was updated to version 9.11.22
Note:
- bind is now more strict in regards to DNSSEC. If queries are not working, check for DNSSEC issues. For instance, if bind is used in a namserver forwarder chain, the forwarding DNS servers must support DNSSEC.
This upgrade also fixes the following security issues:
- [security] 'update-policy' rules of type 'subdomain' were incorrectly treated as 'zonesub' rules, which allowed keys used in 'subdomain' rules to update names outside of the specified subdomains. The problem was fixed by making sure 'subdomain' rules are again processed as described in the ARM. (CVE-2020-8624 bsc#1175443)
- [security] When BIND 9 was compiled with native PKCS#11 support, it was possible to trigger an assertion failure in code determining the number of bits in the PKCS#11 RSA public key with a specially crafted packet. (CVE-2020-8623 bsc#1175443)
- [security] It was possible to trigger an assertion failure when verifying the response to a TSIG-signed request. (CVE-2020-8622 bsc#1175443)
Suppress warning message about missing file. (bsc#1092283, bsc#1127583, bsc#1094236, bsc#1173983) Added /etc/bind.keys to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named.
- References
-
- https://www.suse.com/support/update/announcement/-2020-2915/suse-ru-20202915-1/
- https://bugzilla.suse.com/1092283
- https://bugzilla.suse.com/1094236
- https://bugzilla.suse.com/1127583
- https://bugzilla.suse.com/1173983
- https://bugzilla.suse.com/1175443
- https://www.suse.com/security/cve/CVE-2020-8622
- https://www.suse.com/security/cve/CVE-2020-8623
- https://www.suse.com/security/cve/CVE-2020-8624
Affected packages
SUSE:Linux Enterprise Server 12 SP4-LTSS
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.22-3.22.1
Ecosystem specific
{
"binaries": [
{
"libdns1110": "9.11.22-3.22.1",
"libisccc161": "9.11.22-3.22.1",
"bind-doc": "9.11.22-3.22.1",
"bind": "9.11.22-3.22.1",
"libisc1107": "9.11.22-3.22.1",
"libbind9-161": "9.11.22-3.22.1",
"libirs161": "9.11.22-3.22.1",
"python-bind": "9.11.22-3.22.1",
"liblwres161": "9.11.22-3.22.1",
"bind-utils": "9.11.22-3.22.1",
"libisccfg163": "9.11.22-3.22.1",
"bind-chrootenv": "9.11.22-3.22.1",
"libisc1107-32bit": "9.11.22-3.22.1"
}
]
}SUSE:Linux Enterprise Server 12 SP5
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.22-3.22.1
Ecosystem specific
{
"binaries": [
{
"libdns1110": "9.11.22-3.22.1",
"libisccc161": "9.11.22-3.22.1",
"bind-doc": "9.11.22-3.22.1",
"bind": "9.11.22-3.22.1",
"libisc1107": "9.11.22-3.22.1",
"libbind9-161": "9.11.22-3.22.1",
"libirs161": "9.11.22-3.22.1",
"python-bind": "9.11.22-3.22.1",
"liblwres161": "9.11.22-3.22.1",
"bind-utils": "9.11.22-3.22.1",
"libisccfg163": "9.11.22-3.22.1",
"bind-chrootenv": "9.11.22-3.22.1",
"libisc1107-32bit": "9.11.22-3.22.1"
}
]
}SUSE:Linux Enterprise Server for SAP Applications 12 SP4
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.22-3.22.1
Ecosystem specific
{
"binaries": [
{
"libdns1110": "9.11.22-3.22.1",
"libisccc161": "9.11.22-3.22.1",
"bind-doc": "9.11.22-3.22.1",
"bind": "9.11.22-3.22.1",
"libisc1107": "9.11.22-3.22.1",
"libbind9-161": "9.11.22-3.22.1",
"libirs161": "9.11.22-3.22.1",
"python-bind": "9.11.22-3.22.1",
"liblwres161": "9.11.22-3.22.1",
"bind-utils": "9.11.22-3.22.1",
"libisccfg163": "9.11.22-3.22.1",
"bind-chrootenv": "9.11.22-3.22.1",
"libisc1107-32bit": "9.11.22-3.22.1"
}
]
}SUSE:Linux Enterprise Server for SAP Applications 12 SP5
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.22-3.22.1
Ecosystem specific
{
"binaries": [
{
"libdns1110": "9.11.22-3.22.1",
"libisccc161": "9.11.22-3.22.1",
"bind-doc": "9.11.22-3.22.1",
"bind": "9.11.22-3.22.1",
"libisc1107": "9.11.22-3.22.1",
"libbind9-161": "9.11.22-3.22.1",
"libirs161": "9.11.22-3.22.1",
"python-bind": "9.11.22-3.22.1",
"liblwres161": "9.11.22-3.22.1",
"bind-utils": "9.11.22-3.22.1",
"libisccfg163": "9.11.22-3.22.1",
"bind-chrootenv": "9.11.22-3.22.1",
"libisc1107-32bit": "9.11.22-3.22.1"
}
]
}SUSE:Linux Enterprise Software Development Kit 12 SP5
bind
SUSE:OpenStack Cloud 9
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%209
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.22-3.22.1
Ecosystem specific
{
"binaries": [
{
"libdns1110": "9.11.22-3.22.1",
"libisccc161": "9.11.22-3.22.1",
"bind-doc": "9.11.22-3.22.1",
"bind": "9.11.22-3.22.1",
"libisc1107": "9.11.22-3.22.1",
"libbind9-161": "9.11.22-3.22.1",
"libirs161": "9.11.22-3.22.1",
"python-bind": "9.11.22-3.22.1",
"liblwres161": "9.11.22-3.22.1",
"bind-utils": "9.11.22-3.22.1",
"libisccfg163": "9.11.22-3.22.1",
"bind-chrootenv": "9.11.22-3.22.1",
"libisc1107-32bit": "9.11.22-3.22.1"
}
]
}SUSE:OpenStack Cloud Crowbar 9
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.22-3.22.1
Ecosystem specific
{
"binaries": [
{
"libdns1110": "9.11.22-3.22.1",
"libisccc161": "9.11.22-3.22.1",
"bind-doc": "9.11.22-3.22.1",
"bind": "9.11.22-3.22.1",
"libisc1107": "9.11.22-3.22.1",
"libbind9-161": "9.11.22-3.22.1",
"libirs161": "9.11.22-3.22.1",
"python-bind": "9.11.22-3.22.1",
"liblwres161": "9.11.22-3.22.1",
"bind-utils": "9.11.22-3.22.1",
"libisccfg163": "9.11.22-3.22.1",
"bind-chrootenv": "9.11.22-3.22.1",
"libisc1107-32bit": "9.11.22-3.22.1"
}
]
}