Overview

File _patchinfo of Package patchinfo.32585

<patchinfo incident="32585">
  <issue tracker="cve" id="2023-4408"/>
  <issue tracker="cve" id="2023-50387"/>
  <issue tracker="cve" id="2023-6516"/>
  <issue tracker="cve" id="2023-50868"/>
  <issue tracker="cve" id="2023-5517"/>
  <issue tracker="cve" id="2023-5679"/>
  <issue tracker="bnc" id="1219852">VUL-0: EMBARGOED: CVE-2023-5517: bind: Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled</issue>
  <issue tracker="bnc" id="1219823">VUL-0: EMBARGOED: CVE-2023-50387 : unbound, pdns, bind: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue>
  <issue tracker="bnc" id="1219851">VUL-0: EMBARGOED: CVE-2023-4408: bind: Parsing large DNS messages may cause excessive CPU load</issue>
  <issue tracker="bnc" id="1219826">VUL-0: EMBARGOED: CVE-2023-50868: unbound, bind, pdns: Denial Of Service while trying to validate specially crafted DNSSEC responses</issue>
  <issue tracker="bnc" id="1219853">VUL-0: EMBARGOED: CVE-2023-5679: bind: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution</issue>
  <issue tracker="bnc" id="1219854">VUL-0: EMBARGOED: CVE-2023-6516: bind: Specific recursive query patterns may lead to an out-of-memory condition</issue>
  <packager>jcronenberg</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bind</summary>
  <description>This update for bind fixes the following issues:

Update to release 9.16.48:

- CVE-2023-50387: Fixed a denial-of-service caused by DNS messages containing a lot of DNSSEC signatures (bsc#1219823).
- CVE-2023-50868: Fixed a denial-of-service caused by NSEC3 closest encloser proof (bsc#1219826).
- CVE-2023-4408: Fixed a denial-of-service caused by DNS messages with many different names (bsc#1219851).
- CVE-2023-5517: Fixed a possible crash when nxdomain-redirect was enabled (bsc#1219852).
- CVE-2023-5679: Fixed a possible crash when bad interaction between DNS64 and serve-stale, when both of these features are enabled (bsc#1219853).
- CVE-2023-6516: Fixed excessive memory consumption when continuously trigger the cache database maintenance (bsc#1219854).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places