Overview

File _patchinfo of Package patchinfo.34940

<patchinfo incident="34940">
  <issue tracker="cve" id="2024-1975"/>
  <issue tracker="cve" id="2024-1737"/>
  <issue tracker="bnc" id="1228256">VUL-0: CVE-2024-1737: bind: BIND's database will be slow if a very large number of RRs exist at the same name</issue>
  <issue tracker="bnc" id="1228257">VUL-0: CVE-2024-1975: bind: SIG(0) can be used to exhaust CPU resources</issue>
  <packager>jcronenberg</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bind</summary>
  <description>This update for bind fixes the following issues:

- CVE-2024-1737: It is possible to craft excessively large numbers of
  resource record types for a given owner name, which has the effect of
  slowing down database processing. This has been addressed by
  adding a configurable limit to the number of records that can
  be stored per name and type in a cache or zone database. The
  default is 100, which can be tuned with the new
  max-types-per-name option. (bsc#1228256)
- CVE-2024-1975: Validating DNS messages signed using the SIG(0)
  protocol (RFC 2931) could cause excessive CPU load, leading to a
  denial-of-service condition. Support for SIG(0) message
  validation was removed from this version of named.
  (bsc#1228257)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places