Description
Security update for bind
This update for bind fixes the following issues:
- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR) which could have caused named to terminate unexpectedly (bsc#1185345).
- CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the DNAME to be processed to resolve itself (bsc#1185345).
- Switched from /var/run to /run (bsc#1185073)
- Hardening: Compiled binary with PIE flags to make it position independent
Package list
openSUSE Leap 15.3
References
- E-Mail link for openSUSE-SU-2021:1826-1
- SUSE Security Ratings
- SUSE Bug 1183453
- SUSE Bug 1185073
- SUSE CVE CVE-2021-25214 page
- SUSE CVE CVE-2021-25215 page
Description
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.
Affected products
References
- CVE-2021-25214
- SUSE Bug 1185345
Description
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.
Affected products
References
- CVE-2021-25215
- SUSE Bug 1185345
- SUSE Bug 1189848
- SUSE Bug 1196172
- SUSE Bug 1199298
- SUSE Bug 1225626