SUSE-SU-2020:1914-1 -- SLES bindID: oval:org.secpod.oval:def:89000322 | Date: (C)2021-02-23 (M)2023-11-10 |
Class: PATCH | Family: unix |
This update for bind fixes the following issues: - Amended documentation referring to rule types quot;krb5-subdomainquot; and quot;ms-subdomainquot;. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. [CVE-2018-5741] - Further limit the number of queries that can be triggered from a request. Root and TLD servers are no longer exempt from max-recursion-queries. Fetches for missing name server address records are limited to 4 for any domain. [CVE-2020-8616] - Replaying a TSIG BADTIME response as a request could trigger an assertion failure. [CVE-2020-8617] [bsc#1109160, bsc#1171740, CVE-2018-5741, bind-CVE-2018-5741.patch, CVE-2020-8616, bind-CVE-2020-8616.patch, CVE-2020-8617, bind-CVE-2020-8617.patch] - Don"t rely on /etc/insserv.conf anymore for proper dependencies against nss-lookup.target in named.service and lwresd.service - Using a drop-in file
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |