SUSE-SU-2019:2502-1
- Source
- https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2502-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2019:2502-1
- Upstream
- Related
- Published
- 2019-10-01T11:06:19Z
- Modified
- 2025-05-02T04:08:22.245730Z
- Summary
- Security update for bind
- Details
-
This update for bind fixes the following issues:
Security issues fixed:
- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
- CVE-2019-6471: Fixed a reachable assert in dispatch.c. (bsc#1138687)
- CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).
- CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).
- CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature (bsc#1104129).
Non-security issues fixed:
- Don't rely on /etc/insserv.conf anymore for proper dependencies against nss-lookup.target in named.service and lwresd.service (bsc#1118367, bsc#1118368).
- Fix FIPS related regression (bsc#1128220).
- References
-
- https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/
- https://bugzilla.suse.com/1104129
- https://bugzilla.suse.com/1118367
- https://bugzilla.suse.com/1118368
- https://bugzilla.suse.com/1126068
- https://bugzilla.suse.com/1126069
- https://bugzilla.suse.com/1128220
- https://bugzilla.suse.com/1133185
- https://bugzilla.suse.com/1138687
- https://www.suse.com/security/cve/CVE-2018-5740
- https://www.suse.com/security/cve/CVE-2018-5743
- https://www.suse.com/security/cve/CVE-2018-5745
- https://www.suse.com/security/cve/CVE-2019-6465
- https://www.suse.com/security/cve/CVE-2019-6471
Affected packages
SUSE:Linux Enterprise Desktop 12 SP4
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.2-3.10.1
Ecosystem specific
{
"binaries": [
{
"liblwres160": "9.11.2-3.10.1",
"libisc166": "9.11.2-3.10.1",
"libisccfg160": "9.11.2-3.10.1",
"libisc166-32bit": "9.11.2-3.10.1",
"libbind9-160": "9.11.2-3.10.1",
"python-bind": "9.11.2-3.10.1",
"libirs160": "9.11.2-3.10.1",
"libdns169": "9.11.2-3.10.1",
"bind-utils": "9.11.2-3.10.1",
"libisccc160": "9.11.2-3.10.1"
}
]
}SUSE:Linux Enterprise Server 12 SP4
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.2-3.10.1
Ecosystem specific
{
"binaries": [
{
"bind": "9.11.2-3.10.1",
"libisc166": "9.11.2-3.10.1",
"libisccfg160": "9.11.2-3.10.1",
"liblwres160": "9.11.2-3.10.1",
"bind-doc": "9.11.2-3.10.1",
"bind-chrootenv": "9.11.2-3.10.1",
"libisc166-32bit": "9.11.2-3.10.1",
"libbind9-160": "9.11.2-3.10.1",
"python-bind": "9.11.2-3.10.1",
"libirs160": "9.11.2-3.10.1",
"libdns169": "9.11.2-3.10.1",
"bind-utils": "9.11.2-3.10.1",
"libisccc160": "9.11.2-3.10.1"
}
]
}SUSE:Linux Enterprise Server for SAP Applications 12 SP4
bind
Package
- Name
- bind
- Purl
- pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.11.2-3.10.1
Ecosystem specific
{
"binaries": [
{
"bind": "9.11.2-3.10.1",
"libisc166": "9.11.2-3.10.1",
"libisccfg160": "9.11.2-3.10.1",
"liblwres160": "9.11.2-3.10.1",
"bind-doc": "9.11.2-3.10.1",
"bind-chrootenv": "9.11.2-3.10.1",
"libisc166-32bit": "9.11.2-3.10.1",
"libbind9-160": "9.11.2-3.10.1",
"python-bind": "9.11.2-3.10.1",
"libirs160": "9.11.2-3.10.1",
"libdns169": "9.11.2-3.10.1",
"bind-utils": "9.11.2-3.10.1",
"libisccc160": "9.11.2-3.10.1"
}
]
}