SUSE-SU-2025:3976-1

Опубликовано: 06 нояб. 2025

Источник: suse-cvrf

Описание

Security update for bind

This update for bind fixes the following issues:

CVE-2025-40778: Address various spoofing attacks (bsc#1252379).

Список пакетов

Image SLES12-SP5-Azure-HPC-BYOS

bind-utils-9.11.22-3.65.1

libbind9-161-9.11.22-3.65.1

libdns1110-9.11.22-3.65.1

libirs161-9.11.22-3.65.1

libisc1107-9.11.22-3.65.1

libisccc161-9.11.22-3.65.1

libisccfg163-9.11.22-3.65.1

liblwres161-9.11.22-3.65.1

python-bind-9.11.22-3.65.1

Image SLES12-SP5-Azure-HPC-On-Demand

bind-utils-9.11.22-3.65.1

libbind9-161-9.11.22-3.65.1

libdns1110-9.11.22-3.65.1

libirs161-9.11.22-3.65.1

libisc1107-9.11.22-3.65.1

libisccc161-9.11.22-3.65.1

libisccfg163-9.11.22-3.65.1

liblwres161-9.11.22-3.65.1

python-bind-9.11.22-3.65.1

Image SLES12-SP5-Azure-SAP-BYOS

bind-utils-9.11.22-3.65.1

libbind9-161-9.11.22-3.65.1

libdns1110-9.11.22-3.65.1

libirs161-9.11.22-3.65.1

libisc1107-9.11.22-3.65.1

libisccc161-9.11.22-3.65.1

libisccfg163-9.11.22-3.65.1

liblwres161-9.11.22-3.65.1

python-bind-9.11.22-3.65.1

SUSE Linux Enterprise Server 12 SP5-LTSS

bind-9.11.22-3.65.1

bind-chrootenv-9.11.22-3.65.1

bind-devel-9.11.22-3.65.1

bind-doc-9.11.22-3.65.1

bind-utils-9.11.22-3.65.1

libbind9-161-9.11.22-3.65.1

libdns1110-9.11.22-3.65.1

libirs161-9.11.22-3.65.1

libisc1107-9.11.22-3.65.1

libisc1107-32bit-9.11.22-3.65.1

libisccc161-9.11.22-3.65.1

libisccfg163-9.11.22-3.65.1

liblwres161-9.11.22-3.65.1

python-bind-9.11.22-3.65.1

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

bind-9.11.22-3.65.1

bind-chrootenv-9.11.22-3.65.1

bind-devel-9.11.22-3.65.1

bind-doc-9.11.22-3.65.1

bind-utils-9.11.22-3.65.1

libbind9-161-9.11.22-3.65.1

libdns1110-9.11.22-3.65.1

libirs161-9.11.22-3.65.1

libisc1107-9.11.22-3.65.1

libisc1107-32bit-9.11.22-3.65.1

libisccc161-9.11.22-3.65.1

libisccfg163-9.11.22-3.65.1

liblwres161-9.11.22-3.65.1

python-bind-9.11.22-3.65.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20253976-1/
Link for SUSE-SU-2025:3976-1
https://lists.suse.com/pipermail/sle-security-updates/2025-November/023172.html
E-Mail link for SUSE-SU-2025:3976-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1252379
SUSE Bug 1252379
https://www.suse.com/security/cve/CVE-2025-40778/
SUSE CVE CVE-2025-40778 page

Описание

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

Затронутые продукты

Image SLES12-SP5-Azure-HPC-BYOS:bind-utils-9.11.22-3.65.1

Image SLES12-SP5-Azure-HPC-BYOS:libbind9-161-9.11.22-3.65.1

Image SLES12-SP5-Azure-HPC-BYOS:libdns1110-9.11.22-3.65.1

Image SLES12-SP5-Azure-HPC-BYOS:libirs161-9.11.22-3.65.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-40778.html
CVE-2025-40778
https://bugzilla.suse.com/1252379
SUSE Bug 1252379

SUSE-SU-2025:3976-1

Описание

Список пакетов

Image SLES12-SP5-Azure-HPC-BYOS

Image SLES12-SP5-Azure-HPC-On-Demand

Image SLES12-SP5-Azure-SAP-BYOS

SUSE Linux Enterprise Server 12 SP5-LTSS

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Ссылки

Уязвимость: CVE-2025-40778

Описание

Затронутые продукты

Ссылки