SUSE-SU-2022:3682-1

Опубликовано: 21 окт. 2022

Источник: suse-cvrf

Описание

Security update for bind

This update for bind fixes the following issues:

CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).

Bugfixes:

Changed ownership of /var/lib/named/master from named:named to root:root (bsc#1201247)

Список пакетов

Image SLES15-SP3-BYOS-Azure

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-EC2-HVM

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-GCE

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-CHOST-BYOS-Aliyun

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-CHOST-BYOS-Azure

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-CHOST-BYOS-EC2

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-CHOST-BYOS-GCE

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-CHOST-BYOS-SAP-CCloud

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-HPC-BYOS-Azure

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-HPC-BYOS-EC2-HVM

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-HPC-BYOS-GCE

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAP-BYOS-Azure

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAP-BYOS-EC2-HVM

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAP-BYOS-GCE

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAPCAL-Azure

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAPCAL-EC2-HVM

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

Image SLES15-SP3-SAPCAL-GCE

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

SUSE Linux Enterprise Module for Basesystem 15 SP3

bind-devel-9.16.6-150300.22.21.2

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs-devel-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

SUSE Linux Enterprise Module for Basesystem 15 SP4

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

SUSE Linux Enterprise Module for Server Applications 15 SP3

bind-9.16.6-150300.22.21.2

bind-chrootenv-9.16.6-150300.22.21.2

bind-doc-9.16.6-150300.22.21.2

openSUSE Leap 15.3

bind-9.16.6-150300.22.21.2

bind-chrootenv-9.16.6-150300.22.21.2

bind-devel-9.16.6-150300.22.21.2

bind-doc-9.16.6-150300.22.21.2

bind-utils-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs-devel-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

python3-bind-9.16.6-150300.22.21.2

openSUSE Leap 15.4

bind-chrootenv-9.16.6-150300.22.21.2

bind-devel-9.16.6-150300.22.21.2

libbind9-1600-9.16.6-150300.22.21.2

libdns1605-9.16.6-150300.22.21.2

libirs-devel-9.16.6-150300.22.21.2

libirs1601-9.16.6-150300.22.21.2

libisc1606-9.16.6-150300.22.21.2

libisccc1600-9.16.6-150300.22.21.2

libisccfg1600-9.16.6-150300.22.21.2

libns1604-9.16.6-150300.22.21.2

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223682-1/
Link for SUSE-SU-2022:3682-1
https://lists.suse.com/pipermail/sle-security-updates/2022-October/012598.html
E-Mail link for SUSE-SU-2022:3682-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1201247
SUSE Bug 1201247
https://bugzilla.suse.com/1203614
SUSE Bug 1203614
https://bugzilla.suse.com/1203619
SUSE Bug 1203619
https://bugzilla.suse.com/1203620
SUSE Bug 1203620
https://www.suse.com/security/cve/CVE-2022-2795/
SUSE CVE CVE-2022-2795 page
https://www.suse.com/security/cve/CVE-2022-38177/
SUSE CVE CVE-2022-38177 page
https://www.suse.com/security/cve/CVE-2022-38178/
SUSE CVE CVE-2022-38178 page

Описание

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.

Затронутые продукты

Image SLES15-SP3-BYOS-Azure:bind-utils-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libbind9-1600-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libdns1605-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libirs1601-9.16.6-150300.22.21.2

Ссылки

https://www.suse.com/security/cve/CVE-2022-2795.html
CVE-2022-2795
https://bugzilla.suse.com/1203614
SUSE Bug 1203614
https://bugzilla.suse.com/1205842
SUSE Bug 1205842
https://bugzilla.suse.com/1209913
SUSE Bug 1209913

Описание

By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

Затронутые продукты

Image SLES15-SP3-BYOS-Azure:bind-utils-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libbind9-1600-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libdns1605-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libirs1601-9.16.6-150300.22.21.2

Ссылки

https://www.suse.com/security/cve/CVE-2022-38177.html
CVE-2022-38177
https://bugzilla.suse.com/1203619
SUSE Bug 1203619
https://bugzilla.suse.com/1204101
SUSE Bug 1204101
https://bugzilla.suse.com/1205078
SUSE Bug 1205078
https://bugzilla.suse.com/1205219
SUSE Bug 1205219

Описание

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.

Затронутые продукты

Image SLES15-SP3-BYOS-Azure:bind-utils-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libbind9-1600-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libdns1605-9.16.6-150300.22.21.2

Image SLES15-SP3-BYOS-Azure:libirs1601-9.16.6-150300.22.21.2

Ссылки

https://www.suse.com/security/cve/CVE-2022-38178.html
CVE-2022-38178
https://bugzilla.suse.com/1203620
SUSE Bug 1203620

SUSE-SU-2022:3682-1

Описание

Список пакетов

Image SLES15-SP3-BYOS-Azure

Image SLES15-SP3-BYOS-EC2-HVM

Image SLES15-SP3-BYOS-GCE

Image SLES15-SP3-CHOST-BYOS-Aliyun

Image SLES15-SP3-CHOST-BYOS-Azure

Image SLES15-SP3-CHOST-BYOS-EC2

Image SLES15-SP3-CHOST-BYOS-GCE

Image SLES15-SP3-CHOST-BYOS-SAP-CCloud

Image SLES15-SP3-HPC-BYOS-Azure

Image SLES15-SP3-HPC-BYOS-EC2-HVM

Image SLES15-SP3-HPC-BYOS-GCE

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP3-SAP-BYOS-Azure

Image SLES15-SP3-SAP-BYOS-EC2-HVM

Image SLES15-SP3-SAP-BYOS-GCE

Image SLES15-SP3-SAPCAL-Azure

Image SLES15-SP3-SAPCAL-EC2-HVM

Image SLES15-SP3-SAPCAL-GCE

SUSE Linux Enterprise Module for Basesystem 15 SP3

SUSE Linux Enterprise Module for Basesystem 15 SP4

SUSE Linux Enterprise Module for Server Applications 15 SP3

openSUSE Leap 15.3

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2022-2795

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-38177

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-38178

Описание

Затронутые продукты

Ссылки