Описание
Security update for bind
This update for bind fixes the following issues:
- CVE-2021-25220: Fixed a DNS cache poisoning vulnerability due to loose caching rules (bsc#1197135).
Список пакетов
openSUSE Leap 15.3
bind-devel-32bit-9.16.6-150000.12.60.1
libbind9-1600-32bit-9.16.6-150000.12.60.1
libdns1605-32bit-9.16.6-150000.12.60.1
libirs1601-32bit-9.16.6-150000.12.60.1
libisc1606-32bit-9.16.6-150000.12.60.1
libisccc1600-32bit-9.16.6-150000.12.60.1
libisccfg1600-32bit-9.16.6-150000.12.60.1
libns1604-32bit-9.16.6-150000.12.60.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0946-1
- SUSE Security Ratings
- SUSE Bug 1197135
- SUSE CVE CVE-2021-25220 page
Описание
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
Затронутые продукты
openSUSE Leap 15.3:bind-devel-32bit-9.16.6-150000.12.60.1
openSUSE Leap 15.3:libbind9-1600-32bit-9.16.6-150000.12.60.1
openSUSE Leap 15.3:libdns1605-32bit-9.16.6-150000.12.60.1
openSUSE Leap 15.3:libirs1601-32bit-9.16.6-150000.12.60.1
Ссылки
- CVE-2021-25220
- SUSE Bug 1197135