Overview

File _patchinfo of Package patchinfo.34020

<patchinfo incident="34020">
  <issue tracker="cve" id="2023-4408"/>
  <issue tracker="cve" id="2023-50387"/>
  <issue tracker="cve" id="2023-50868"/>
  <issue tracker="bnc" id="1219823">VUL-0: CVE-2023-50387 : unbound, pdns, bind, dnsmasq: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue>
  <issue tracker="bnc" id="1219826">VUL-0: CVE-2023-50868: unbound, bind, pdns, dnsmasq: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue>
  <issue tracker="bnc" id="1219851">VUL-0: CVE-2023-4408: bind: Parsing large DNS messages may cause excessive CPU load</issue>
  <packager>jcronenberg</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bind</summary>
  <description>This update for bind fixes the following issues:

- CVE-2023-50387: Fixed validating DNS messages containing a lot of DNSSEC signatures that could have let to a denial-of-service (bsc#1219823).
- CVE-2023-50868: Fixed NSEC3 closest encloser proof that could have let to a denial-of-service (bsc#1219826).
- CVE-2023-4408: Fixed parsing DNS messages with many different names that could have let to a denial-of-service (bsc#1219851).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places