File _patchinfo of Package patchinfo.35100
<patchinfo incident="35100">
<issue tracker="cve" id="2024-1975"/>
<issue tracker="cve" id="2024-1737"/>
<issue tracker="cve" id="2024-4076"/>
<issue tracker="bnc" id="1228258">VUL-0: CVE-2024-4076: bind: Assertion failure when serving both stale cache data and authoritative zone content</issue>
<issue tracker="bnc" id="1228257">VUL-0: CVE-2024-1975: bind: SIG(0) can be used to exhaust CPU resources</issue>
<issue tracker="bnc" id="1228256">VUL-0: CVE-2024-1737: bind: BIND's database will be slow if a very large number of RRs exist at the same name</issue>
<packager>jcronenberg</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for bind</summary>
<description>This update for bind fixes the following issues:
Update to 9.16.50:
- Bug Fixes:
* A regression in cache-cleaning code enabled memory use to grow
significantly more quickly than before, until the configured
max-cache-size limit was reached. This has been fixed.
* Using rndc flush inadvertently caused cache cleaning to become
less effective. This could ultimately lead to the configured
max-cache-size limit being exceeded and has now been fixed.
* The logic for cleaning up expired cached DNS records was
tweaked to be more aggressive. This change helps with enforcing
max-cache-ttl and max-ncache-ttl in a timely manner.
* It was possible to trigger a use-after-free assertion when the
overmem cache cleaning was initiated. This has been fixed.
- New Features:
* Added RESOLVER.ARPA to the built-in empty zones.
- Security Fixes:
* It is possible to craft excessively large numbers of resource
record types for a given owner name, which has the effect of
slowing down database processing. This has been addressed by
adding a configurable limit to the number of records that can
be stored per name and type in a cache or zone database. The
default is 100, which can be tuned with the new
max-types-per-name option. (CVE-2024-1737, bsc#1228256)
* Validating DNS messages signed using the SIG(0) protocol (RFC
2931) could cause excessive CPU load, leading to a
denial-of-service condition. Support for SIG(0) message
validation was removed from this version of named.
(CVE-2024-1975, bsc#1228257)
* When looking up the NS records of parent zones as part of
looking up DS records, it was possible for named to trigger an
assertion failure if serve-stale was enabled. This has been
fixed. (CVE-2024-4076, bsc#1228258)
</description>
</patchinfo>