SUSE-SU-2022:3682-1 -- SLES bind, libbind9-1600, libdns1605, libirs1601, libisc1606, libisccc1600, libisccfg1600, libns1604, libirs-devel, python3-bind| ID: oval:org.secpod.oval:def:89047710 | Date: (C)2022-10-28 (M)2024-01-23 |
| Class: PATCH | Family: unix |
This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations . - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm . - CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm . Bugfixes: - Changed ownership of /var/lib/named/master from named:named to root:root
| Platform: |
| SUSE Linux Enterprise Desktop 15 SP4 |
| SUSE Linux Enterprise Server 15 SP4 |
| SUSE Linux Enterprise Server 15 SP3 |
| SUSE Linux Enterprise Desktop 15 SP3 |
| Product: |
| bind |
| libbind9-1600 |
| libdns1605 |
| libirs1601 |
| libisc1606 |
| libisccc1600 |
| libisccfg1600 |
| libns1604 |
| libirs-devel |
| python3-bind |
