File _patchinfo of Package patchinfo.10348

<patchinfo incident="10348">
  <issue tracker="cve" id="2019-6465"/>
  <issue tracker="cve" id="2018-5743"/>
  <issue tracker="cve" id="2018-5745"/>
  <issue tracker="cve" id="2018-5740"/>
  <issue tracker="bnc" id="1104129">VUL-1: CVE-2018-5740: bind: A flaw in the "deny-answer-aliases" feature can cause an INSIST assertion failure in named</issue>
  <issue tracker="bnc" id="1126069">VUL-0: CVE-2019-6465: bind: Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable.</issue>
  <issue tracker="bnc" id="1126068">VUL-0: CVE-2018-5745: bind: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys</issue>
  <issue tracker="bnc" id="1133185">VUL-0: CVE-2018-5743: bind: Limiting simultaneous TCP clients is ineffective</issue>
  <packager>rmax</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bind</summary>
  <description>This update for bind fixes the following issues:

Security issues fixed:

- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
- CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).
- CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).
- CVE-2018-5740: Fixed a denial of service vulnerability in the "deny-answer-aliases" feature (bsc#1104129).

This update was imported from the SUSE:SLE-15:Update update project.</description>
</patchinfo>