SUSE-SU-2022:3682-1 -- SLES bind, libbind9-1600, libdns1605, libirs1601, libisc1606, libisccc1600, libisccfg1600, libns1604, libirs-devel, python3-bindID: oval:org.secpod.oval:def:89047710 | Date: (C)2022-10-28 (M)2024-01-23 |
Class: PATCH | Family: unix |
This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations . - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm . - CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm . Bugfixes: - Changed ownership of /var/lib/named/master from named:named to root:root
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP3 |
Product: |
bind |
libbind9-1600 |
libdns1605 |
libirs1601 |
libisc1606 |
libisccc1600 |
libisccfg1600 |
libns1604 |
libirs-devel |
python3-bind |