bind

Edit Package bind

Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name
System (DNS) protocols and provides an openly redistributable reference
implementation of the major components of the Domain Name System.

Refresh
Refresh
Source Files (show merged sources derived from linked package)
Filename Size Changed
bind-9.18.24.tar.xz 0005515528 5.26 MB
bind-9.18.24.tar.xz.asc 0000000833 833 Bytes
bind-ldapdump-use-valid-host.patch 0000002541 2.48 KB
bind.changes 0000196013 191 KB
bind.conf 0000000444 444 Bytes
bind.keyring 0000009606 9.38 KB
bind.spec 0000021529 21 KB
dlz-schema.txt 0000006292 6.14 KB
dnszone-schema.txt 0000005637 5.5 KB
named.conf 0000000090 90 Bytes
named.root 0000003310 3.23 KB
vendor-files.tar.bz2 0000020398 19.9 KB
Latest Revision
Thiago Macieira's avatar Thiago Macieira (thiagomacieira) committed (revision 9)
Fixed conflicts; vendor-files.tar.bz2 is upstream (vendor's)

- Update to release 9.18.24
  Security Fixes:
  * Validating DNS messages containing a lot of DNSSEC signatures
    could cause excessive CPU load, leading to a denial-of-service
    condition. This has been fixed. (CVE-2023-50387)
    [bsc#1219823]
  * Preparing an NSEC3 closest encloser proof could cause excessiv
    CPU load, leading to a denial-of-service condition. This has
    been fixed. (CVE-2023-50868)
    [bsc#1219826]
  * Parsing DNS messages with many different names could cause
    excessive CPU load. This has been fixed. (CVE-2023-4408)
    [bsc#1219851]
  * Specific queries could cause named to crash with an assertion
    failure when nxdomain-redirect was enabled. This has been
    fixed. (CVE-2023-5517)
    [bsc#1219852]
  * A bad interaction between DNS64 and serve-stale could cause
    named to crash with an assertion failure, when both of these
    features were enabled. This has been fixed. (CVE-2023-5679)
    [bsc#1219853]
  * Query patterns that continuously triggered cache database
    maintenance could cause an excessive amount of memory to be
    allocated, exceeding max-cache-size and potentially leading to
    all available memory on the host running named being exhausted
    This has been fixed. (CVE-2023-6516)
    [bsc#1219854]
  * Under certain circumstances, the DNS-over-TLS client code
    incorrectly attempted to process more than one DNS message at a
    time, which could cause named to crash with an assertion
Comments 0
openSUSE Build Service is sponsored by