Overview

File _patchinfo of Package patchinfo.26108

<patchinfo incident="26108">
  <issue tracker="bnc" id="1203620">VUL-0: CVE-2022-38178: bind: Memory leaks in EdDSA DNSSEC verification code</issue>
  <issue tracker="bnc" id="1203614">VUL-0: CVE-2022-2795: bind: Processing large delegations may severely degrade resolver performance</issue>
  <issue tracker="bnc" id="1203619">VUL-0: CVE-2022-38177: bind: Memory leak in ECDSA DNSSEC verification code</issue>
  <issue tracker="cve" id="2022-2795"/>
  <issue tracker="cve" id="2022-38177"/>
  <issue tracker="cve" id="2022-38178"/>
  <packager>jcronenberg</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bind</summary>
  <description>This update for bind fixes the following issues:

  - CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
  - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
  - CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).

</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places