SUSE-SU-2019:2502-1 -- SLES bind, libbind9-160, libdns169, libirs160, libisc166, libisccc160, libisccfg160, liblwres160ID: oval:org.secpod.oval:def:89003493 | Date: (C)2021-02-27 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for bind fixes the following issues: Security issues fixed: - CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones . - CVE-2019-6471: Fixed a reachable assert in dispatch.c. - CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys . - CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections . - CVE-2018-5740: Fixed a denial of service vulnerability in the deny-answer-aliases feature . Non-security issues fixed: - Don"t rely on /etc/insserv.conf anymore for proper dependencies against nss-lookup.target in named.service and lwresd.service . - Fix FIPS related regression .
Platform: |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
bind |
libbind9-160 |
libdns169 |
libirs160 |
libisc166 |
libisccc160 |
libisccfg160 |
liblwres160 |