openSUSE-SU-2020:0912-1

Опубликовано: 29 июн. 2020

Источник: suse-cvrf

Описание

Security update for unbound

This update for unbound fixes the following issues:

CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target (bsc#1171889).
CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could have been used to make unbound unresponsive (bsc#1171889).
CVE-2019-18934: Fixed a vulnerability in the IPSec module which could have allowed code execution after receiving a special crafted answer (bsc#1157268).

This update was imported from the SUSE:SLE-15-SP1:Update update project.

Список пакетов

openSUSE Leap 15.1

libunbound-devel-mini-1.6.8-lp151.8.3.1

libunbound2-1.6.8-lp151.8.3.1

unbound-1.6.8-lp151.8.3.1

unbound-anchor-1.6.8-lp151.8.3.1

unbound-devel-1.6.8-lp151.8.3.1

unbound-munin-1.6.8-lp151.8.3.1

unbound-python-1.6.8-lp151.8.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7BOBQ5VCGBBEOIK4YR7ZR7XNQZWV62CU/
E-Mail link for openSUSE-SU-2020:0912-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1157268
SUSE Bug 1157268
https://bugzilla.suse.com/1171889
SUSE Bug 1171889
https://www.suse.com/security/cve/CVE-2019-18934/
SUSE CVE CVE-2019-18934 page
https://www.suse.com/security/cve/CVE-2020-12662/
SUSE CVE CVE-2020-12662 page
https://www.suse.com/security/cve/CVE-2020-12663/
SUSE CVE CVE-2020-12663 page

Описание

Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.

Затронутые продукты

openSUSE Leap 15.1:libunbound-devel-mini-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:libunbound2-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:unbound-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:unbound-anchor-1.6.8-lp151.8.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-18934.html
CVE-2019-18934
https://bugzilla.suse.com/1157268
SUSE Bug 1157268

Описание

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

Затронутые продукты

openSUSE Leap 15.1:libunbound-devel-mini-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:libunbound2-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:unbound-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:unbound-anchor-1.6.8-lp151.8.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-12662.html
CVE-2020-12662
https://bugzilla.suse.com/1171889
SUSE Bug 1171889

Описание

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

Затронутые продукты

openSUSE Leap 15.1:libunbound-devel-mini-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:libunbound2-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:unbound-1.6.8-lp151.8.3.1

openSUSE Leap 15.1:unbound-anchor-1.6.8-lp151.8.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-12663.html
CVE-2020-12663
https://bugzilla.suse.com/1171889
SUSE Bug 1171889

openSUSE-SU-2020:0912-1

Описание

Список пакетов

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2019-18934

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2020-12662

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2020-12663

Описание

Затронутые продукты

Ссылки