Security update for bind
This update for bind fixes the following issues:
Security issues fixed:
- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
- CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).
- CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).
- CVE-2018-5740: Fixed a denial of service vulnerability in the "deny-answer-aliases" feature (bsc#1104129).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Reinhard Max (rmax)
Fixed bugs
bnc#1104129
VUL-1: CVE-2018-5740: bind: A flaw in the "deny-answer-aliases" feature can cause an INSIST assertion failure in named
bnc#1126069
VUL-0: CVE-2019-6465: bind: Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable.
bnc#1126068
VUL-0: CVE-2018-5745: bind: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys
bnc#1133185
VUL-0: CVE-2018-5743: bind: Limiting simultaneous TCP clients is ineffective
