File _patchinfo of Package patchinfo.11363
<patchinfo incident="11363">
<issue tracker="cve" id="2019-6465"/>
<issue tracker="cve" id="2018-5743"/>
<issue tracker="cve" id="2018-5745"/>
<issue tracker="cve" id="2018-5740"/>
<issue tracker="bnc" id="1104129">VUL-1: CVE-2018-5740: bind: A flaw in the "deny-answer-aliases" feature can cause an INSIST assertion failure in named</issue>
<issue tracker="bnc" id="1126069">VUL-0: CVE-2019-6465: bind: Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable.</issue>
<issue tracker="bnc" id="1126068">VUL-0: CVE-2018-5745: bind: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys</issue>
<issue tracker="bnc" id="1133185">VUL-0: CVE-2018-5743: bind: Limiting simultaneous TCP clients is ineffective</issue>
<packager>rmax</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for bind</summary>
<description>This update for bind fixes the following issues:
Security issues fixed:
- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
- CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).
- CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).
- CVE-2018-5740: Fixed a denial of service vulnerability in the "deny-answer-aliases" feature (bsc#1104129).
</description>
</patchinfo>