Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-3136 (GCVE-0-2017-3136)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 00:51
VLAI?
EPSS
Title
An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"
Summary
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
Severity ?
5.9 (Medium)
CWE
- Servers are at risk if they are configured to use DNS64 and if the option "break-dnssec yes;" is in use.
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:1095 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201708-01 | vendor-advisoryx_refsource_GENTOO |
| https://security.netapp.com/advisory/ntap-2018080… | x_refsource_CONFIRM |
| https://h20566.www2.hpe.com/hpsc/doc/public/displ… | x_refsource_CONFIRM |
| https://www.debian.org/security/2017/dsa-3854 | vendor-advisoryx_refsource_DEBIAN |
| http://www.securitytracker.com/id/1038259 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/97653 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:1105 | vendor-advisoryx_refsource_REDHAT |
| https://kb.isc.org/docs/aa-01465 | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
Impacted products
Date Public ?
2017-03-12 00:00
Credits
ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"datePublic": "2017-03-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:37.000Z",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\"",
"workarounds": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3136",
"STATE": "PUBLIC",
"TITLE": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\""
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01465",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3136",
"datePublished": "2019-01-16T20:00:00.000Z",
"dateReserved": "2016-12-02T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:51:35.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-3136",
"date": "2026-05-19",
"epss": "0.48516",
"percentile": "0.97785"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.8.0\", \"versionEndIncluding\": \"9.8.8\", \"matchCriteriaId\": \"6BCD9327-F097-49B8-BEFF-07785EE8BB6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.9.0\", \"versionEndIncluding\": \"9.9.9\", \"matchCriteriaId\": \"4418EDD7-AC58-48A3-BE65-273C0E8222E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.10.0\", \"versionEndIncluding\": \"9.10.4\", \"matchCriteriaId\": \"C1DE78F6-B88E-44A7-BECD-B78B7E9052C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"25855A5C-302F-4A82-AEC1-8C4C9CB70362\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"86C1A668-D648-4E72-876B-E72D341003D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CFD0CE9-FE4D-4FB3-9486-36FA1A4FADF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"E134536A-0F48-4F54-8399-5EF4C09BFF85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.0:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"63C9ED44-1207-4BE6-B5BB-56D198DC0C19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.0:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"561BF14D-8D6A-4DDB-82BB-6B8EBF34C326\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.0:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"931DBFCE-F071-490F-867F-52A150DBD245\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A7BE793-7717-4019-8F50-158C309E48B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C8F0163-FF32-44E0-B05C-F89263CD56A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"94C0C9FC-5CCF-4AD7-8D83-7B579102F7E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB2D2132-62E8-4E73-A0BF-4790DAFC5558\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E253BD9F-25B8-42E7-BEAB-E843381ED155\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B5E42E5-27C6-4D6F-B7DC-903B10BF2017\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E211374-A4F5-41D4-A89E-E6522E9D0DFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*\", \"matchCriteriaId\": \"21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*\", \"matchCriteriaId\": \"70586A2A-AA52-48F5-B2B0-390CA77807E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C5A0370-9490-40CC-84E8-EEE95A6F233B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEC78396-4667-4A45-8DBD-0D0C2AAE1549\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3160C5ED-75EA-47B2-998E-EDFC46B37DDA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"086C327B-DF9F-4D4E-A538-1E29FEDC34C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1440B408-76B6-4FA7-899D-E28049A37704\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D50373F-C1C4-4EC9-B94F-854C3444717D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE6ED392-74B9-487E-83B0-ECAAEEAB3AB3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEA791E2-27E0-49C5-9823-0C57647C788F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98381E61-F082-4302-B51F-5648884F998B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D99A687E-EAE6-417E-A88E-D0082BC194CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B353CE99-D57C-465B-AAB0-73EF581127D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8442C20-41F9-47FD-9A12-E724D3A31FD7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85DF4B3F-4BBC-42B7-B729-096934523D63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8.\"}, {\"lang\": \"es\", \"value\": \"Una consulta con un conjunto determinado de caracter\\u00edsticas podr\\u00eda provocar que un servidor que emplea DNS64 se encuentre con un fallo de aserci\\u00f3n y termine. Un atacante podr\\u00eda construir deliberadamente una consulta, habilitando una denegaci\\u00f3n de servicio (DoS) contra un servidor si est\\u00e1 configurado para emplear la caracter\\u00edstica DNS64 y se cumplen otras precondiciones. Afecta a BIND desde la versi\\u00f3n 9.8.0 hasta la9.8.8-P1, desde la versi\\u00f3n 9.9.0 hasta la 9.9.9-P6, desde la versi\\u00f3n 9.9.10b1 hasta la 9.9.10rc1, desde la versi\\u00f3n 9.10.0 hasta la 9.10.4-P6, desde la versi\\u00f3n 9.10.5b1 hasta la 9.10.5rc1, desde la versi\\u00f3n 9.11.0 hasta la 9.11.0-P3, desde la versi\\u00f3n 9.11.1b1 hasta la 9.11.1rc1 y desde la versi\\u00f3n 9.9.3-S1 hasta 9.9.9-S8.\"}]",
"id": "CVE-2017-3136",
"lastModified": "2024-11-21T03:24:54.430",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"security-officer@isc.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-01-16T20:29:00.313",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html\", \"source\": \"security-officer@isc.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html\", \"source\": \"security-officer@isc.org\"}, {\"url\": \"http://www.securityfocus.com/bid/97653\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038259\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1095\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1105\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://kb.isc.org/docs/aa-01465\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201708-01\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180802-0002/\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2017/dsa-3854\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/97653\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038259\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1095\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1105\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://kb.isc.org/docs/aa-01465\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201708-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180802-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2017/dsa-3854\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-617\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3136\",\"sourceIdentifier\":\"security-officer@isc.org\",\"published\":\"2019-01-16T20:29:00.313\",\"lastModified\":\"2024-11-21T03:24:54.430\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8.\"},{\"lang\":\"es\",\"value\":\"Una consulta con un conjunto determinado de caracter\u00edsticas podr\u00eda provocar que un servidor que emplea DNS64 se encuentre con un fallo de aserci\u00f3n y termine. Un atacante podr\u00eda construir deliberadamente una consulta, habilitando una denegaci\u00f3n de servicio (DoS) contra un servidor si est\u00e1 configurado para emplear la caracter\u00edstica DNS64 y se cumplen otras precondiciones. Afecta a BIND desde la versi\u00f3n 9.8.0 hasta la9.8.8-P1, desde la versi\u00f3n 9.9.0 hasta la 9.9.9-P6, desde la versi\u00f3n 9.9.10b1 hasta la 9.9.10rc1, desde la versi\u00f3n 9.10.0 hasta la 9.10.4-P6, desde la versi\u00f3n 9.10.5b1 hasta la 9.10.5rc1, desde la versi\u00f3n 9.11.0 hasta la 9.11.0-P3, desde la versi\u00f3n 9.11.1b1 hasta la 9.11.1rc1 y desde la versi\u00f3n 9.9.3-S1 hasta 9.9.9-S8.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-617\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.8.0\",\"versionEndIncluding\":\"9.8.8\",\"matchCriteriaId\":\"6BCD9327-F097-49B8-BEFF-07785EE8BB6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.9.0\",\"versionEndIncluding\":\"9.9.9\",\"matchCriteriaId\":\"4418EDD7-AC58-48A3-BE65-273C0E8222E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.10.0\",\"versionEndIncluding\":\"9.10.4\",\"matchCriteriaId\":\"C1DE78F6-B88E-44A7-BECD-B78B7E9052C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"25855A5C-302F-4A82-AEC1-8C4C9CB70362\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"86C1A668-D648-4E72-876B-E72D341003D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CFD0CE9-FE4D-4FB3-9486-36FA1A4FADF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E134536A-0F48-4F54-8399-5EF4C09BFF85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.0:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C9ED44-1207-4BE6-B5BB-56D198DC0C19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.0:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"561BF14D-8D6A-4DDB-82BB-6B8EBF34C326\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.0:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"931DBFCE-F071-490F-867F-52A150DBD245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A7BE793-7717-4019-8F50-158C309E48B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C8F0163-FF32-44E0-B05C-F89263CD56A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"94C0C9FC-5CCF-4AD7-8D83-7B579102F7E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB2D2132-62E8-4E73-A0BF-4790DAFC5558\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E253BD9F-25B8-42E7-BEAB-E843381ED155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B5E42E5-27C6-4D6F-B7DC-903B10BF2017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E211374-A4F5-41D4-A89E-E6522E9D0DFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"70586A2A-AA52-48F5-B2B0-390CA77807E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C5A0370-9490-40CC-84E8-EEE95A6F233B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEC78396-4667-4A45-8DBD-0D0C2AAE1549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3160C5ED-75EA-47B2-998E-EDFC46B37DDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"086C327B-DF9F-4D4E-A538-1E29FEDC34C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1440B408-76B6-4FA7-899D-E28049A37704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D50373F-C1C4-4EC9-B94F-854C3444717D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE6ED392-74B9-487E-83B0-ECAAEEAB3AB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEA791E2-27E0-49C5-9823-0C57647C788F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98381E61-F082-4302-B51F-5648884F998B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8442C20-41F9-47FD-9A12-E724D3A31FD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85DF4B3F-4BBC-42B7-B729-096934523D63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html\",\"source\":\"security-officer@isc.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html\",\"source\":\"security-officer@isc.org\"},{\"url\":\"http://www.securityfocus.com/bid/97653\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038259\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1095\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1105\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.isc.org/docs/aa-01465\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201708-01\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180802-0002/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-3854\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/97653\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038259\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1105\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.isc.org/docs/aa-01465\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201708-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180802-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-3854\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2017-AVI-112
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans ISC BIND. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
BIND9 sans les derniers correctifs de sécurité
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eBIND9 sans les derniers correctifs de s\u00e9curit\u00e9\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3138"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-112",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-04-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eISC BIND\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans ISC BIND",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC BIND AA-01471 du 12 avril 2017",
"url": "https://kb.isc.org/article/AA-01471/74/CVE-2017-3138"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC BIND AA-01466 du 12 avril 2017",
"url": "https://kb.isc.org/article/AA-01466/74/CVE-2017-3137"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC BIND AA-01465 du 12 avril 2017",
"url": "https://kb.isc.org/article/AA-01465/74/CVE-2017-3136"
}
]
}
CERTFR-2019-AVI-014
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Centreon | Web | SRC Series Application Server et Web Administrator versions antérieures à 4.12.0-R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 sur vMX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75 | ||
| N/A | N/A | Juniper ATP | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series | ||
| Juniper Networks | Junos Space | Junos Space | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series | ||
| Juniper Networks | Junos OS | Tous produits et toutes plateformes exécutant Junos OS | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SRC Series Application Server et Web Administrator versions ant\u00e9rieures \u00e0 4.12.0-R1",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 sur vMX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper ATP",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Tous produits et toutes plateformes ex\u00e9cutant Junos OS",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0010"
},
{
"name": "CVE-2018-10901",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10901"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-5683",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5683"
},
{
"name": "CVE-2019-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0003"
},
{
"name": "CVE-2019-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0007"
},
{
"name": "CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"name": "CVE-2017-13672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13672"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"name": "CVE-2019-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0027"
},
{
"name": "CVE-2019-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0030"
},
{
"name": "CVE-2017-1000379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000379"
},
{
"name": "CVE-2019-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0001"
},
{
"name": "CVE-2018-14634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14634"
},
{
"name": "CVE-2019-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0002"
},
{
"name": "CVE-2019-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0013"
},
{
"name": "CVE-2019-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0023"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2018-10675",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10675"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2017-3142",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3142"
},
{
"name": "CVE-2018-10872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10872"
},
{
"name": "CVE-2019-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0015"
},
{
"name": "CVE-2019-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0005"
},
{
"name": "CVE-2019-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0009"
},
{
"name": "CVE-2018-7858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7858"
},
{
"name": "CVE-2019-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0024"
},
{
"name": "CVE-2019-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0025"
},
{
"name": "CVE-2017-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3143"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2019-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0011"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2019-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0012"
},
{
"name": "CVE-2017-11610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11610"
},
{
"name": "CVE-2018-5748",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5748"
},
{
"name": "CVE-2019-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0004"
},
{
"name": "CVE-2019-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0017"
},
{
"name": "CVE-2018-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1126"
},
{
"name": "CVE-2018-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3665"
},
{
"name": "CVE-2017-1000366",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000366"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2018-12020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12020"
},
{
"name": "CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-10897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10897"
},
{
"name": "CVE-2019-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0021"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2019-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0016"
},
{
"name": "CVE-2018-1124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1124"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2019-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0022"
},
{
"name": "CVE-2017-1000364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000364"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2018-1050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1050"
},
{
"name": "CVE-2019-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0014"
},
{
"name": "CVE-2018-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3693"
},
{
"name": "CVE-2018-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10911"
},
{
"name": "CVE-2019-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0026"
},
{
"name": "CVE-2019-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0029"
},
{
"name": "CVE-2019-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0020"
},
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
},
{
"name": "CVE-2017-2619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2619"
},
{
"name": "CVE-2019-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0018"
},
{
"name": "CVE-2018-1000004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000004"
},
{
"name": "CVE-2019-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0006"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2018-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1064"
},
{
"name": "CVE-2018-10301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10301"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-014",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10906 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10910 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10910\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10911 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10911\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10907 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10907\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10912 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10912\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10913 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10913\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10919 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10919\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10905 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10905\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10902 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10902\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10917 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10917\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10904 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10904\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10915 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10915\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10916 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10916\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10914 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10914\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10900 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10900\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10909 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10909\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10901 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10901\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10918 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10918\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10903 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10903\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2017-AVI-112
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans ISC BIND. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
BIND9 sans les derniers correctifs de sécurité
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eBIND9 sans les derniers correctifs de s\u00e9curit\u00e9\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3138"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-112",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-04-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eISC BIND\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans ISC BIND",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC BIND AA-01471 du 12 avril 2017",
"url": "https://kb.isc.org/article/AA-01471/74/CVE-2017-3138"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC BIND AA-01466 du 12 avril 2017",
"url": "https://kb.isc.org/article/AA-01466/74/CVE-2017-3137"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC BIND AA-01465 du 12 avril 2017",
"url": "https://kb.isc.org/article/AA-01465/74/CVE-2017-3136"
}
]
}
CERTFR-2019-AVI-014
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Centreon | Web | SRC Series Application Server et Web Administrator versions antérieures à 4.12.0-R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 sur vMX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75 | ||
| N/A | N/A | Juniper ATP | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series | ||
| Juniper Networks | Junos Space | Junos Space | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series | ||
| Juniper Networks | Junos OS | Tous produits et toutes plateformes exécutant Junos OS | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SRC Series Application Server et Web Administrator versions ant\u00e9rieures \u00e0 4.12.0-R1",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 sur vMX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper ATP",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Tous produits et toutes plateformes ex\u00e9cutant Junos OS",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0010"
},
{
"name": "CVE-2018-10901",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10901"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-5683",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5683"
},
{
"name": "CVE-2019-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0003"
},
{
"name": "CVE-2019-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0007"
},
{
"name": "CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"name": "CVE-2017-13672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13672"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"name": "CVE-2019-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0027"
},
{
"name": "CVE-2019-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0030"
},
{
"name": "CVE-2017-1000379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000379"
},
{
"name": "CVE-2019-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0001"
},
{
"name": "CVE-2018-14634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14634"
},
{
"name": "CVE-2019-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0002"
},
{
"name": "CVE-2019-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0013"
},
{
"name": "CVE-2019-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0023"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2018-10675",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10675"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2017-3142",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3142"
},
{
"name": "CVE-2018-10872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10872"
},
{
"name": "CVE-2019-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0015"
},
{
"name": "CVE-2019-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0005"
},
{
"name": "CVE-2019-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0009"
},
{
"name": "CVE-2018-7858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7858"
},
{
"name": "CVE-2019-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0024"
},
{
"name": "CVE-2019-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0025"
},
{
"name": "CVE-2017-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3143"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2019-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0011"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2019-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0012"
},
{
"name": "CVE-2017-11610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11610"
},
{
"name": "CVE-2018-5748",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5748"
},
{
"name": "CVE-2019-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0004"
},
{
"name": "CVE-2019-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0017"
},
{
"name": "CVE-2018-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1126"
},
{
"name": "CVE-2018-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3665"
},
{
"name": "CVE-2017-1000366",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000366"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2018-12020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12020"
},
{
"name": "CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-10897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10897"
},
{
"name": "CVE-2019-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0021"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2019-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0016"
},
{
"name": "CVE-2018-1124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1124"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2019-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0022"
},
{
"name": "CVE-2017-1000364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000364"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2018-1050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1050"
},
{
"name": "CVE-2019-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0014"
},
{
"name": "CVE-2018-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3693"
},
{
"name": "CVE-2018-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10911"
},
{
"name": "CVE-2019-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0026"
},
{
"name": "CVE-2019-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0029"
},
{
"name": "CVE-2019-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0020"
},
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
},
{
"name": "CVE-2017-2619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2619"
},
{
"name": "CVE-2019-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0018"
},
{
"name": "CVE-2018-1000004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000004"
},
{
"name": "CVE-2019-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0006"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2018-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1064"
},
{
"name": "CVE-2018-10301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10301"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-014",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10906 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10910 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10910\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10911 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10911\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10907 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10907\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10912 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10912\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10913 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10913\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10919 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10919\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10905 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10905\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10902 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10902\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10917 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10917\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10904 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10904\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10915 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10915\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10916 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10916\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10914 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10914\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10900 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10900\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10909 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10909\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10901 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10901\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10918 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10918\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10903 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10903\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CNVD-2017-04456
Vulnerability from cnvd - Published: 2017-04-14
VLAI Severity ?
Title
ISC BIND 9 DNS64服务器拒绝服务漏洞
Description
ISC BIND是美国Internet Systems Consortium(ISC)公司所维护的一套实现了DNS协议的开源软件。
ISC BIND 9 DNS64服务器存在拒绝服务漏洞,攻击者可利用漏洞影响使用包含break-dnssec yes;选项的DNS64服务器。
Severity
中
Formal description
厂商尚未提供漏洞修补方案,请关注厂商主页及时更新: https://www.us-cert.gov/ncas/current-activity/2017/04/12/ISC-Releases-Security-Updates-BIND
Reference
https://www.us-cert.gov/ncas/current-activity/2017/04/12/ISC-Releases-Security-Updates-BIND
Impacted products
| Name | ['ISC BIND 9 9.9.9-P8', 'ISC BIND 9 9.10.4-P8', 'ISC BIND 9 9.11.0-P5', 'ISC BIND 9 9.9.9-S10'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-3136"
}
},
"description": "ISC BIND\u662f\u7f8e\u56fdInternet Systems Consortium\uff08ISC\uff09\u516c\u53f8\u6240\u7ef4\u62a4\u7684\u4e00\u5957\u5b9e\u73b0\u4e86DNS\u534f\u8bae\u7684\u5f00\u6e90\u8f6f\u4ef6\u3002\r\n\r\nISC BIND 9 DNS64\u670d\u52a1\u5668\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5f71\u54cd\u4f7f\u7528\u5305\u542bbreak-dnssec yes;\u9009\u9879\u7684DNS64\u670d\u52a1\u5668\u3002",
"discovererName": "Oana Murarasu",
"formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://www.us-cert.gov/ncas/current-activity/2017/04/12/ISC-Releases-Security-Updates-BIND",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-04456",
"openTime": "2017-04-14",
"products": {
"product": [
"ISC BIND 9 9.9.9-P8",
"ISC BIND 9 9.10.4-P8",
"ISC BIND 9 9.11.0-P5",
"ISC BIND 9 9.9.9-S10"
]
},
"referenceLink": "https://www.us-cert.gov/ncas/current-activity/2017/04/12/ISC-Releases-Security-Updates-BIND",
"serverity": "\u4e2d",
"submitTime": "2017-04-14",
"title": "ISC BIND 9 DNS64\u670d\u52a1\u5668\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
FKIE_CVE-2017-3136
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
References
| URL | Tags | ||
|---|---|---|---|
| security-officer@isc.org | http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html | ||
| security-officer@isc.org | http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html | ||
| security-officer@isc.org | http://www.securityfocus.com/bid/97653 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | http://www.securitytracker.com/id/1038259 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | https://access.redhat.com/errata/RHSA-2017:1095 | Third Party Advisory | |
| security-officer@isc.org | https://access.redhat.com/errata/RHSA-2017:1105 | Third Party Advisory | |
| security-officer@isc.org | https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us | Third Party Advisory | |
| security-officer@isc.org | https://kb.isc.org/docs/aa-01465 | Vendor Advisory | |
| security-officer@isc.org | https://security.gentoo.org/glsa/201708-01 | Third Party Advisory | |
| security-officer@isc.org | https://security.netapp.com/advisory/ntap-20180802-0002/ | Third Party Advisory | |
| security-officer@isc.org | https://www.debian.org/security/2017/dsa-3854 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97653 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038259 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1095 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:1105 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/docs/aa-01465 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201708-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180802-0002/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2017/dsa-3854 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | 9.8.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.0 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.10 | |
| isc | bind | 9.9.10 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.5 | |
| isc | bind | 9.10.5 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.1 | |
| isc | bind | 9.11.1 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| netapp | data_ontap_edge | - | |
| netapp | element_software | - | |
| netapp | oncommand_balance | - | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCD9327-F097-49B8-BEFF-07785EE8BB6D",
"versionEndIncluding": "9.8.8",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4418EDD7-AC58-48A3-BE65-273C0E8222E3",
"versionEndIncluding": "9.9.9",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DE78F6-B88E-44A7-BECD-B78B7E9052C1",
"versionEndIncluding": "9.10.4",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "25855A5C-302F-4A82-AEC1-8C4C9CB70362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "86C1A668-D648-4E72-876B-E72D341003D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "0CFD0CE9-FE4D-4FB3-9486-36FA1A4FADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "E134536A-0F48-4F54-8399-5EF4C09BFF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "63C9ED44-1207-4BE6-B5BB-56D198DC0C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "561BF14D-8D6A-4DDB-82BB-6B8EBF34C326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "931DBFCE-F071-490F-867F-52A150DBD245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7BE793-7717-4019-8F50-158C309E48B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*",
"matchCriteriaId": "FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9C8F0163-FF32-44E0-B05C-F89263CD56A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "94C0C9FC-5CCF-4AD7-8D83-7B579102F7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "BB2D2132-62E8-4E73-A0BF-4790DAFC5558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "E253BD9F-25B8-42E7-BEAB-E843381ED155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "6B5E42E5-27C6-4D6F-B7DC-903B10BF2017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "7E211374-A4F5-41D4-A89E-E6522E9D0DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "70586A2A-AA52-48F5-B2B0-390CA77807E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "8C5A0370-9490-40CC-84E8-EEE95A6F233B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CEC78396-4667-4A45-8DBD-0D0C2AAE1549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3160C5ED-75EA-47B2-998E-EDFC46B37DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "086C327B-DF9F-4D4E-A538-1E29FEDC34C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "1440B408-76B6-4FA7-899D-E28049A37704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "4D50373F-C1C4-4EC9-B94F-854C3444717D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "CE6ED392-74B9-487E-83B0-ECAAEEAB3AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EEA791E2-27E0-49C5-9823-0C57647C788F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
},
{
"lang": "es",
"value": "Una consulta con un conjunto determinado de caracter\u00edsticas podr\u00eda provocar que un servidor que emplea DNS64 se encuentre con un fallo de aserci\u00f3n y termine. Un atacante podr\u00eda construir deliberadamente una consulta, habilitando una denegaci\u00f3n de servicio (DoS) contra un servidor si est\u00e1 configurado para emplear la caracter\u00edstica DNS64 y se cumplen otras precondiciones. Afecta a BIND desde la versi\u00f3n 9.8.0 hasta la9.8.8-P1, desde la versi\u00f3n 9.9.0 hasta la 9.9.9-P6, desde la versi\u00f3n 9.9.10b1 hasta la 9.9.10rc1, desde la versi\u00f3n 9.10.0 hasta la 9.10.4-P6, desde la versi\u00f3n 9.10.5b1 hasta la 9.10.5rc1, desde la versi\u00f3n 9.11.0 hasta la 9.11.0-P3, desde la versi\u00f3n 9.11.1b1 hasta la 9.11.1rc1 y desde la versi\u00f3n 9.9.3-S1 hasta 9.9.9-S8."
}
],
"id": "CVE-2017-3136",
"lastModified": "2024-11-21T03:24:54.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.313",
"references": [
{
"source": "security-officer@isc.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"source": "security-officer@isc.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-835V-J5FW-QQVQ
Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-05-13 01:14
VLAI?
Details
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
Severity ?
5.9 (Medium)
{
"affected": [],
"aliases": [
"CVE-2017-3136"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-16T20:29:00Z",
"severity": "MODERATE"
},
"details": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8.",
"id": "GHSA-835v-j5fw-qqvq",
"modified": "2022-05-13T01:14:26Z",
"published": "2022-05-13T01:14:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3136"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"type": "WEB",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"type": "WEB",
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/97653"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038259"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2017-3136
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3136",
"description": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8.",
"id": "GSD-2017-3136",
"references": [
"https://www.suse.com/security/cve/CVE-2017-3136.html",
"https://www.debian.org/security/2017/dsa-3854",
"https://access.redhat.com/errata/RHSA-2017:1105",
"https://access.redhat.com/errata/RHSA-2017:1095",
"https://ubuntu.com/security/CVE-2017-3136",
"https://advisories.mageia.org/CVE-2017-3136.html",
"https://security.archlinux.org/CVE-2017-3136",
"https://alas.aws.amazon.com/cve/html/CVE-2017-3136.html",
"https://linux.oracle.com/cve/CVE-2017-3136.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3136"
],
"details": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8.",
"id": "GSD-2017-3136",
"modified": "2023-12-13T01:21:16.459398Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3136",
"STATE": "PUBLIC",
"TITLE": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\""
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01465",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "eng",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.8.8",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:p4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:p5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.10.4",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.9.0:p6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.9.9",
"versionStartIncluding": "9.9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"ID": "CVE-2017-3136"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/aa-01465",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "1038259",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-10-20T12:15Z",
"publishedDate": "2019-01-16T20:29Z"
}
}
}
OPENSUSE-SU-2020:1699-1
Vulnerability from csaf_opensuse - Published: 2020-10-19 18:22 - Updated: 2020-10-19 18:22Summary
Security update for bind
Severity
Moderate
Notes
Title of the patch: Security update for bind
Description of the patch: This update for bind fixes the following issues:
BIND was upgraded to version 9.16.6:
Note:
- bind is now more strict in regards to DNSSEC. If queries are not working,
check for DNSSEC issues. For instance, if bind is used in a namserver
forwarder chain, the forwarding DNS servers must support DNSSEC.
Fixing security issues:
- CVE-2020-8616: Further limit the number of queries that can be triggered from
a request. Root and TLD servers are no longer exempt
from max-recursion-queries. Fetches for missing name server. (bsc#1171740)
Address records are limited to 4 for any domain.
- CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an
assertion failure. (bsc#1171740)
- CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass
the tcp-clients limit (bsc#1157051).
- CVE-2018-5741: Fixed the documentation (bsc#1109160).
- CVE-2020-8618: It was possible to trigger an INSIST when determining
whether a record would fit into a TCP message buffer (bsc#1172958).
- CVE-2020-8619: It was possible to trigger an INSIST in
lib/dns/rbtdb.c:new_reference() with a particular zone content
and query patterns (bsc#1172958).
- CVE-2020-8624: 'update-policy' rules of type 'subdomain' were
incorrectly treated as 'zonesub' rules, which allowed
keys used in 'subdomain' rules to update names outside
of the specified subdomains. The problem was fixed by
making sure 'subdomain' rules are again processed as
described in the ARM (bsc#1175443).
- CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it
was possible to trigger an assertion failure in code
determining the number of bits in the PKCS#11 RSA public
key with a specially crafted packet (bsc#1175443).
- CVE-2020-8621: named could crash in certain query resolution scenarios
where QNAME minimization and forwarding were both
enabled (bsc#1175443).
- CVE-2020-8620: It was possible to trigger an assertion failure by
sending a specially crafted large TCP DNS message (bsc#1175443).
- CVE-2020-8622: It was possible to trigger an assertion failure when
verifying the response to a TSIG-signed request (bsc#1175443).
Other issues fixed:
- Add engine support to OpenSSL EdDSA implementation.
- Add engine support to OpenSSL ECDSA implementation.
- Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.
- Warn about AXFR streams with inconsistent message IDs.
- Make ISC rwlock implementation the default again.
- Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168)
- Installed the default files in /var/lib/named and created
chroot environment on systems using transactional-updates (bsc#1100369, fate#325524)
- Fixed an issue where bind was not working in FIPS mode (bsc#906079).
- Fixed dependency issues (bsc#1118367 and bsc#1118368).
- GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205).
- Fixed an issue with FIPS (bsc#1128220).
- The liblwres library is discontinued upstream and is no longer included.
- Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713).
- Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE.
- The default value of 'max-stale-ttl' has been changed from 1 week to 12 hours.
- Zone timers are now exported via statistics channel.
- The 'primary' and 'secondary' keywords, when used as parameters for 'check-names', were not processed correctly and were being ignored.
- 'rndc dnstap -roll <value>' did not limit the number of saved files to <value>.
- Add 'rndc dnssec -status' command.
- Addressed a couple of situations where named could crash.
- Changed /var/lib/named to owner root:named and perms rwxrwxr-t
so that named, being a/the only member of the 'named' group
has full r/w access yet cannot change directories owned by root
in the case of a compromized named.
[bsc#1173307, bind-chrootenv.conf]
- Added '/etc/bind.keys' to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983).
- Removed '-r /dev/urandom' from all invocations of rndc-confgen
(init/named system/lwresd.init system/named.init in vendor-files)
as this option is deprecated and causes rndc-confgen to fail.
(bsc#1173311, bsc#1176674, bsc#1170713)
- /usr/bin/genDDNSkey: Removing the use of the -r option in the call
of /usr/sbin/dnssec-keygen as BIND now uses the random number
functions provided by the crypto library (i.e., OpenSSL or a
PKCS#11 provider) as a source of randomness rather than /dev/random.
Therefore the -r command line option no longer has any effect on
dnssec-keygen. Leaving the option in genDDNSkey as to not break
compatibility. Patch provided by Stefan Eisenwiener.
[bsc#1171313]
- Put libns into a separate subpackage to avoid file conflicts
in the libisc subpackage due to different sonums (bsc#1176092).
- Require /sbin/start_daemon: both init scripts, the one used in
systemd context as well as legacy sysv, make use of start_daemon.
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2020-1699
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
76 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1100369 | self |
| https://bugzilla.suse.com/1109160 | self |
| https://bugzilla.suse.com/1118367 | self |
| https://bugzilla.suse.com/1118368 | self |
| https://bugzilla.suse.com/1128220 | self |
| https://bugzilla.suse.com/1156205 | self |
| https://bugzilla.suse.com/1157051 | self |
| https://bugzilla.suse.com/1161168 | self |
| https://bugzilla.suse.com/1170667 | self |
| https://bugzilla.suse.com/1170713 | self |
| https://bugzilla.suse.com/1171313 | self |
| https://bugzilla.suse.com/1171740 | self |
| https://bugzilla.suse.com/1172958 | self |
| https://bugzilla.suse.com/1173307 | self |
| https://bugzilla.suse.com/1173311 | self |
| https://bugzilla.suse.com/1173983 | self |
| https://bugzilla.suse.com/1175443 | self |
| https://bugzilla.suse.com/1176092 | self |
| https://bugzilla.suse.com/1176674 | self |
| https://bugzilla.suse.com/906079 | self |
| https://www.suse.com/security/cve/CVE-2017-3136/ | self |
| https://www.suse.com/security/cve/CVE-2018-5741/ | self |
| https://www.suse.com/security/cve/CVE-2019-6477/ | self |
| https://www.suse.com/security/cve/CVE-2020-8616/ | self |
| https://www.suse.com/security/cve/CVE-2020-8617/ | self |
| https://www.suse.com/security/cve/CVE-2020-8618/ | self |
| https://www.suse.com/security/cve/CVE-2020-8619/ | self |
| https://www.suse.com/security/cve/CVE-2020-8620/ | self |
| https://www.suse.com/security/cve/CVE-2020-8621/ | self |
| https://www.suse.com/security/cve/CVE-2020-8622/ | self |
| https://www.suse.com/security/cve/CVE-2020-8623/ | self |
| https://www.suse.com/security/cve/CVE-2020-8624/ | self |
| https://www.suse.com/security/cve/CVE-2017-3136 | external |
| https://bugzilla.suse.com/1018700 | external |
| https://bugzilla.suse.com/1018701 | external |
| https://bugzilla.suse.com/1018702 | external |
| https://bugzilla.suse.com/1024130 | external |
| https://bugzilla.suse.com/1033461 | external |
| https://bugzilla.suse.com/1033466 | external |
| https://bugzilla.suse.com/1081545 | external |
| https://www.suse.com/security/cve/CVE-2018-5741 | external |
| https://bugzilla.suse.com/1109160 | external |
| https://bugzilla.suse.com/1171740 | external |
| https://www.suse.com/security/cve/CVE-2019-6477 | external |
| https://bugzilla.suse.com/1157051 | external |
| https://bugzilla.suse.com/1197136 | external |
| https://www.suse.com/security/cve/CVE-2020-8616 | external |
| https://bugzilla.suse.com/1109160 | external |
| https://bugzilla.suse.com/1171740 | external |
| https://www.suse.com/security/cve/CVE-2020-8617 | external |
| https://bugzilla.suse.com/1109160 | external |
| https://bugzilla.suse.com/1171740 | external |
| https://www.suse.com/security/cve/CVE-2020-8618 | external |
| https://bugzilla.suse.com/1172958 | external |
| https://www.suse.com/security/cve/CVE-2020-8619 | external |
| https://bugzilla.suse.com/1172958 | external |
| https://www.suse.com/security/cve/CVE-2020-8620 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8621 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8622 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1188888 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8623 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8624 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for bind",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for bind fixes the following issues:\n\nBIND was upgraded to version 9.16.6:\n\nNote:\n\n- bind is now more strict in regards to DNSSEC. If queries are not working,\n check for DNSSEC issues. For instance, if bind is used in a namserver\n forwarder chain, the forwarding DNS servers must support DNSSEC.\n\nFixing security issues:\n\n- CVE-2020-8616: Further limit the number of queries that can be triggered from\n a request. Root and TLD servers are no longer exempt\n from max-recursion-queries. Fetches for missing name server. (bsc#1171740)\n Address records are limited to 4 for any domain.\n- CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an\n assertion failure. (bsc#1171740)\n- CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass \n the tcp-clients limit (bsc#1157051).\n- CVE-2018-5741: Fixed the documentation (bsc#1109160).\n- CVE-2020-8618: It was possible to trigger an INSIST when determining\n whether a record would fit into a TCP message buffer (bsc#1172958).\n- CVE-2020-8619: It was possible to trigger an INSIST in\n lib/dns/rbtdb.c:new_reference() with a particular zone content\n and query patterns (bsc#1172958).\n- CVE-2020-8624: \u0027update-policy\u0027 rules of type \u0027subdomain\u0027 were\n incorrectly treated as \u0027zonesub\u0027 rules, which allowed\n keys used in \u0027subdomain\u0027 rules to update names outside\n of the specified subdomains. The problem was fixed by\n making sure \u0027subdomain\u0027 rules are again processed as\n described in the ARM (bsc#1175443).\n- CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it\n was possible to trigger an assertion failure in code\n determining the number of bits in the PKCS#11 RSA public\n key with a specially crafted packet (bsc#1175443).\n- CVE-2020-8621: named could crash in certain query resolution scenarios\n where QNAME minimization and forwarding were both\n enabled (bsc#1175443).\n- CVE-2020-8620: It was possible to trigger an assertion failure by\n sending a specially crafted large TCP DNS message (bsc#1175443).\n- CVE-2020-8622: It was possible to trigger an assertion failure when\n verifying the response to a TSIG-signed request (bsc#1175443).\n\nOther issues fixed:\n\n- Add engine support to OpenSSL EdDSA implementation.\n- Add engine support to OpenSSL ECDSA implementation.\n- Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.\n- Warn about AXFR streams with inconsistent message IDs.\n- Make ISC rwlock implementation the default again.\n- Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168)\n- Installed the default files in /var/lib/named and created \n chroot environment on systems using transactional-updates (bsc#1100369, fate#325524)\n- Fixed an issue where bind was not working in FIPS mode (bsc#906079).\n- Fixed dependency issues (bsc#1118367 and bsc#1118368).\n- GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205).\n- Fixed an issue with FIPS (bsc#1128220).\n- The liblwres library is discontinued upstream and is no longer included.\n- Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713).\n- Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE.\n- The default value of \u0027max-stale-ttl\u0027 has been changed from 1 week to 12 hours.\n- Zone timers are now exported via statistics channel.\n- The \u0027primary\u0027 and \u0027secondary\u0027 keywords, when used as parameters for \u0027check-names\u0027, were not processed correctly and were being ignored.\n- \u0027rndc dnstap -roll \u003cvalue\u003e\u0027 did not limit the number of saved files to \u003cvalue\u003e.\n- Add \u0027rndc dnssec -status\u0027 command.\n- Addressed a couple of situations where named could crash.\n- Changed /var/lib/named to owner root:named and perms rwxrwxr-t\n so that named, being a/the only member of the \u0027named\u0027 group\n has full r/w access yet cannot change directories owned by root\n in the case of a compromized named.\n [bsc#1173307, bind-chrootenv.conf]\n- Added \u0027/etc/bind.keys\u0027 to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983).\n- Removed \u0027-r /dev/urandom\u0027 from all invocations of rndc-confgen\n (init/named system/lwresd.init system/named.init in vendor-files)\n as this option is deprecated and causes rndc-confgen to fail.\n (bsc#1173311, bsc#1176674, bsc#1170713)\n- /usr/bin/genDDNSkey: Removing the use of the -r option in the call\n of /usr/sbin/dnssec-keygen as BIND now uses the random number\n functions provided by the crypto library (i.e., OpenSSL or a\n PKCS#11 provider) as a source of randomness rather than /dev/random.\n Therefore the -r command line option no longer has any effect on\n dnssec-keygen. Leaving the option in genDDNSkey as to not break\n compatibility. Patch provided by Stefan Eisenwiener.\n [bsc#1171313]\n- Put libns into a separate subpackage to avoid file conflicts\n in the libisc subpackage due to different sonums (bsc#1176092).\n- Require /sbin/start_daemon: both init scripts, the one used in\n systemd context as well as legacy sysv, make use of start_daemon.\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1699",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1699-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1699-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VUOYW2V65CJWOTYJHZKJDB23QXG7SODU/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1699-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VUOYW2V65CJWOTYJHZKJDB23QXG7SODU/"
},
{
"category": "self",
"summary": "SUSE Bug 1100369",
"url": "https://bugzilla.suse.com/1100369"
},
{
"category": "self",
"summary": "SUSE Bug 1109160",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "self",
"summary": "SUSE Bug 1118367",
"url": "https://bugzilla.suse.com/1118367"
},
{
"category": "self",
"summary": "SUSE Bug 1118368",
"url": "https://bugzilla.suse.com/1118368"
},
{
"category": "self",
"summary": "SUSE Bug 1128220",
"url": "https://bugzilla.suse.com/1128220"
},
{
"category": "self",
"summary": "SUSE Bug 1156205",
"url": "https://bugzilla.suse.com/1156205"
},
{
"category": "self",
"summary": "SUSE Bug 1157051",
"url": "https://bugzilla.suse.com/1157051"
},
{
"category": "self",
"summary": "SUSE Bug 1161168",
"url": "https://bugzilla.suse.com/1161168"
},
{
"category": "self",
"summary": "SUSE Bug 1170667",
"url": "https://bugzilla.suse.com/1170667"
},
{
"category": "self",
"summary": "SUSE Bug 1170713",
"url": "https://bugzilla.suse.com/1170713"
},
{
"category": "self",
"summary": "SUSE Bug 1171313",
"url": "https://bugzilla.suse.com/1171313"
},
{
"category": "self",
"summary": "SUSE Bug 1171740",
"url": "https://bugzilla.suse.com/1171740"
},
{
"category": "self",
"summary": "SUSE Bug 1172958",
"url": "https://bugzilla.suse.com/1172958"
},
{
"category": "self",
"summary": "SUSE Bug 1173307",
"url": "https://bugzilla.suse.com/1173307"
},
{
"category": "self",
"summary": "SUSE Bug 1173311",
"url": "https://bugzilla.suse.com/1173311"
},
{
"category": "self",
"summary": "SUSE Bug 1173983",
"url": "https://bugzilla.suse.com/1173983"
},
{
"category": "self",
"summary": "SUSE Bug 1175443",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "self",
"summary": "SUSE Bug 1176092",
"url": "https://bugzilla.suse.com/1176092"
},
{
"category": "self",
"summary": "SUSE Bug 1176674",
"url": "https://bugzilla.suse.com/1176674"
},
{
"category": "self",
"summary": "SUSE Bug 906079",
"url": "https://bugzilla.suse.com/906079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3136 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5741 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6477 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8616 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8617 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8618 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8619 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8620 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8621 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8622 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8623 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8624 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8624/"
}
],
"title": "Security update for bind",
"tracking": {
"current_release_date": "2020-10-19T18:22:55Z",
"generator": {
"date": "2020-10-19T18:22:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1699-1",
"initial_release_date": "2020-10-19T18:22:55Z",
"revision_history": [
{
"date": "2020-10-19T18:22:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "bind-9.16.6-lp152.14.3.1.i586",
"product_id": "bind-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"product_id": "bind-chrootenv-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "bind-devel-9.16.6-lp152.14.3.1.i586",
"product_id": "bind-devel-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "bind-utils-9.16.6-lp152.14.3.1.i586",
"product_id": "bind-utils-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libbind9-1600-9.16.6-lp152.14.3.1.i586",
"product_id": "libbind9-1600-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libdns1605-9.16.6-lp152.14.3.1.i586",
"product_id": "libdns1605-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libirs-devel-9.16.6-lp152.14.3.1.i586",
"product_id": "libirs-devel-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libirs1601-9.16.6-lp152.14.3.1.i586",
"product_id": "libirs1601-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libisc1606-9.16.6-lp152.14.3.1.i586",
"product_id": "libisc1606-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libisccc1600-9.16.6-lp152.14.3.1.i586",
"product_id": "libisccc1600-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libisccfg1600-9.16.6-lp152.14.3.1.i586",
"product_id": "libisccfg1600-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-lp152.14.3.1.i586",
"product": {
"name": "libns1604-9.16.6-lp152.14.3.1.i586",
"product_id": "libns1604-9.16.6-lp152.14.3.1.i586"
}
},
{
"category": "product_version",
"name": "libuv-devel-1.18.0-lp152.4.3.1.i586",
"product": {
"name": "libuv-devel-1.18.0-lp152.4.3.1.i586",
"product_id": "libuv-devel-1.18.0-lp152.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "libuv1-1.18.0-lp152.4.3.1.i586",
"product": {
"name": "libuv1-1.18.0-lp152.4.3.1.i586",
"product_id": "libuv1-1.18.0-lp152.4.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-doc-9.16.6-lp152.14.3.1.noarch",
"product": {
"name": "bind-doc-9.16.6-lp152.14.3.1.noarch",
"product_id": "bind-doc-9.16.6-lp152.14.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-bind-9.16.6-lp152.14.3.1.noarch",
"product": {
"name": "python3-bind-9.16.6-lp152.14.3.1.noarch",
"product_id": "python3-bind-9.16.6-lp152.14.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sysuser-shadow-2.0-lp152.5.3.1.noarch",
"product": {
"name": "sysuser-shadow-2.0-lp152.5.3.1.noarch",
"product_id": "sysuser-shadow-2.0-lp152.5.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sysuser-tools-2.0-lp152.5.3.1.noarch",
"product": {
"name": "sysuser-tools-2.0-lp152.5.3.1.noarch",
"product_id": "sysuser-tools-2.0-lp152.5.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "bind-9.16.6-lp152.14.3.1.x86_64",
"product_id": "bind-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"product_id": "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "bind-devel-9.16.6-lp152.14.3.1.x86_64",
"product_id": "bind-devel-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "bind-utils-9.16.6-lp152.14.3.1.x86_64",
"product_id": "bind-utils-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libbind9-1600-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libdns1605-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libdns1605-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libirs-devel-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libirs1601-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libirs1601-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libisc1606-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libisc1606-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libisccc1600-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libisccfg1600-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libns1604-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libns1604-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"product": {
"name": "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"product_id": "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"product": {
"name": "libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"product_id": "libuv-devel-1.18.0-lp152.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuv1-1.18.0-lp152.4.3.1.x86_64",
"product": {
"name": "libuv1-1.18.0-lp152.4.3.1.x86_64",
"product_id": "libuv1-1.18.0-lp152.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"product": {
"name": "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"product_id": "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "bind-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "bind-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "bind-devel-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-lp152.14.3.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch"
},
"product_reference": "bind-doc-9.16.6-lp152.14.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "bind-utils-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libbind9-1600-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libdns1605-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libirs-devel-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libirs1601-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libisc1606-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libisccc1600-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libisccfg1600-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586"
},
"product_reference": "libns1604-9.16.6-lp152.14.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libns1604-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64"
},
"product_reference": "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv-devel-1.18.0-lp152.4.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586"
},
"product_reference": "libuv-devel-1.18.0-lp152.4.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv-devel-1.18.0-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64"
},
"product_reference": "libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv1-1.18.0-lp152.4.3.1.i586 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586"
},
"product_reference": "libuv1-1.18.0-lp152.4.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv1-1.18.0-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64"
},
"product_reference": "libuv1-1.18.0-lp152.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64"
},
"product_reference": "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-lp152.14.3.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch"
},
"product_reference": "python3-bind-9.16.6-lp152.14.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sysuser-shadow-2.0-lp152.5.3.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch"
},
"product_reference": "sysuser-shadow-2.0-lp152.5.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sysuser-tools-2.0-lp152.5.3.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
},
"product_reference": "sysuser-tools-2.0-lp152.5.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3136"
}
],
"notes": [
{
"category": "general",
"text": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3136",
"url": "https://www.suse.com/security/cve/CVE-2017-3136"
},
{
"category": "external",
"summary": "SUSE Bug 1018700 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "external",
"summary": "SUSE Bug 1018701 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "external",
"summary": "SUSE Bug 1018702 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "external",
"summary": "SUSE Bug 1024130 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1024130"
},
{
"category": "external",
"summary": "SUSE Bug 1033461 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1033461"
},
{
"category": "external",
"summary": "SUSE Bug 1033466 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1033466"
},
{
"category": "external",
"summary": "SUSE Bug 1081545 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1081545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "important"
}
],
"title": "CVE-2017-3136"
},
{
"cve": "CVE-2018-5741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5741"
}
],
"notes": [
{
"category": "general",
"text": "To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM at that time incorrectly described the behavior of two rule types, krb5-subdomain and ms-subdomain. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. This affects BIND versions prior to BIND 9.11.5 and BIND 9.12.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5741",
"url": "https://www.suse.com/security/cve/CVE-2018-5741"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2018-5741",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2018-5741",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2018-5741"
},
{
"cve": "CVE-2019-6477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6477"
}
],
"notes": [
{
"category": "general",
"text": "With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6477",
"url": "https://www.suse.com/security/cve/CVE-2019-6477"
},
{
"category": "external",
"summary": "SUSE Bug 1157051 for CVE-2019-6477",
"url": "https://bugzilla.suse.com/1157051"
},
{
"category": "external",
"summary": "SUSE Bug 1197136 for CVE-2019-6477",
"url": "https://bugzilla.suse.com/1197136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "important"
}
],
"title": "CVE-2019-6477"
},
{
"cve": "CVE-2020-8616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8616"
}
],
"notes": [
{
"category": "general",
"text": "A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8616",
"url": "https://www.suse.com/security/cve/CVE-2020-8616"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2020-8616",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2020-8616",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2020-8616"
},
{
"cve": "CVE-2020-8617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8617"
}
],
"notes": [
{
"category": "general",
"text": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8617",
"url": "https://www.suse.com/security/cve/CVE-2020-8617"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2020-8617",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2020-8617",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2020-8617"
},
{
"cve": "CVE-2020-8618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8618"
}
],
"notes": [
{
"category": "general",
"text": "An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8618",
"url": "https://www.suse.com/security/cve/CVE-2020-8618"
},
{
"category": "external",
"summary": "SUSE Bug 1172958 for CVE-2020-8618",
"url": "https://bugzilla.suse.com/1172958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2020-8618"
},
{
"cve": "CVE-2020-8619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8619"
}
],
"notes": [
{
"category": "general",
"text": "In ISC BIND9 versions BIND 9.11.14 -\u003e 9.11.19, BIND 9.14.9 -\u003e 9.14.12, BIND 9.16.0 -\u003e 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -\u003e 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (\"*\") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8619",
"url": "https://www.suse.com/security/cve/CVE-2020-8619"
},
{
"category": "external",
"summary": "SUSE Bug 1172958 for CVE-2020-8619",
"url": "https://bugzilla.suse.com/1172958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "moderate"
}
],
"title": "CVE-2020-8619"
},
{
"cve": "CVE-2020-8620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8620"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.15.6 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8620",
"url": "https://www.suse.com/security/cve/CVE-2020-8620"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8620",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8620",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "important"
}
],
"title": "CVE-2020-8620"
},
{
"cve": "CVE-2020-8621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8621"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, If a server is configured with both QNAME minimization and \u0027forward first\u0027 then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \u0027forward only\u0027 are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8621",
"url": "https://www.suse.com/security/cve/CVE-2020-8621"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8621",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8621",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "important"
}
],
"title": "CVE-2020-8621"
},
{
"cve": "CVE-2020-8622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8622"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8622",
"url": "https://www.suse.com/security/cve/CVE-2020-8622"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1188888 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1188888"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "important"
}
],
"title": "CVE-2020-8622"
},
{
"cve": "CVE-2020-8623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8623"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8623",
"url": "https://www.suse.com/security/cve/CVE-2020-8623"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8623",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8623",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "important"
}
],
"title": "CVE-2020-8623"
},
{
"cve": "CVE-2020-8624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8624"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.9.12 -\u003e 9.9.13, 9.10.7 -\u003e 9.10.8, 9.11.3 -\u003e 9.11.21, 9.12.1 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.12-S1 -\u003e 9.9.13-S1, 9.11.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone\u0027s content could abuse these unintended additional privileges to update other contents of the zone.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8624",
"url": "https://www.suse.com/security/cve/CVE-2020-8624"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8624",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8624",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586",
"openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586",
"openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64",
"openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch",
"openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch",
"openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-19T18:22:55Z",
"details": "important"
}
],
"title": "CVE-2020-8624"
}
]
}
OPENSUSE-SU-2020:1701-1
Vulnerability from csaf_opensuse - Published: 2020-10-20 04:20 - Updated: 2020-10-20 04:20Summary
Security update for bind
Severity
Moderate
Notes
Title of the patch: Security update for bind
Description of the patch: This update for bind fixes the following issues:
BIND was upgraded to version 9.16.6:
Note:
- bind is now more strict in regards to DNSSEC. If queries are not working,
check for DNSSEC issues. For instance, if bind is used in a namserver
forwarder chain, the forwarding DNS servers must support DNSSEC.
Fixing security issues:
- CVE-2020-8616: Further limit the number of queries that can be triggered from
a request. Root and TLD servers are no longer exempt
from max-recursion-queries. Fetches for missing name server. (bsc#1171740)
Address records are limited to 4 for any domain.
- CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an
assertion failure. (bsc#1171740)
- CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass
the tcp-clients limit (bsc#1157051).
- CVE-2018-5741: Fixed the documentation (bsc#1109160).
- CVE-2020-8618: It was possible to trigger an INSIST when determining
whether a record would fit into a TCP message buffer (bsc#1172958).
- CVE-2020-8619: It was possible to trigger an INSIST in
lib/dns/rbtdb.c:new_reference() with a particular zone content
and query patterns (bsc#1172958).
- CVE-2020-8624: 'update-policy' rules of type 'subdomain' were
incorrectly treated as 'zonesub' rules, which allowed
keys used in 'subdomain' rules to update names outside
of the specified subdomains. The problem was fixed by
making sure 'subdomain' rules are again processed as
described in the ARM (bsc#1175443).
- CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it
was possible to trigger an assertion failure in code
determining the number of bits in the PKCS#11 RSA public
key with a specially crafted packet (bsc#1175443).
- CVE-2020-8621: named could crash in certain query resolution scenarios
where QNAME minimization and forwarding were both
enabled (bsc#1175443).
- CVE-2020-8620: It was possible to trigger an assertion failure by
sending a specially crafted large TCP DNS message (bsc#1175443).
- CVE-2020-8622: It was possible to trigger an assertion failure when
verifying the response to a TSIG-signed request (bsc#1175443).
Other issues fixed:
- Add engine support to OpenSSL EdDSA implementation.
- Add engine support to OpenSSL ECDSA implementation.
- Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.
- Warn about AXFR streams with inconsistent message IDs.
- Make ISC rwlock implementation the default again.
- Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168)
- Installed the default files in /var/lib/named and created
chroot environment on systems using transactional-updates (bsc#1100369, fate#325524)
- Fixed an issue where bind was not working in FIPS mode (bsc#906079).
- Fixed dependency issues (bsc#1118367 and bsc#1118368).
- GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205).
- Fixed an issue with FIPS (bsc#1128220).
- The liblwres library is discontinued upstream and is no longer included.
- Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713).
- Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE.
- The default value of 'max-stale-ttl' has been changed from 1 week to 12 hours.
- Zone timers are now exported via statistics channel.
- The 'primary' and 'secondary' keywords, when used as parameters for 'check-names', were not processed correctly and were being ignored.
- 'rndc dnstap -roll <value>' did not limit the number of saved files to <value>.
- Add 'rndc dnssec -status' command.
- Addressed a couple of situations where named could crash.
- Changed /var/lib/named to owner root:named and perms rwxrwxr-t
so that named, being a/the only member of the 'named' group
has full r/w access yet cannot change directories owned by root
in the case of a compromized named.
[bsc#1173307, bind-chrootenv.conf]
- Added '/etc/bind.keys' to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983).
- Removed '-r /dev/urandom' from all invocations of rndc-confgen
(init/named system/lwresd.init system/named.init in vendor-files)
as this option is deprecated and causes rndc-confgen to fail.
(bsc#1173311, bsc#1176674, bsc#1170713)
- /usr/bin/genDDNSkey: Removing the use of the -r option in the call
of /usr/sbin/dnssec-keygen as BIND now uses the random number
functions provided by the crypto library (i.e., OpenSSL or a
PKCS#11 provider) as a source of randomness rather than /dev/random.
Therefore the -r command line option no longer has any effect on
dnssec-keygen. Leaving the option in genDDNSkey as to not break
compatibility. Patch provided by Stefan Eisenwiener.
[bsc#1171313]
- Put libns into a separate subpackage to avoid file conflicts
in the libisc subpackage due to different sonums (bsc#1176092).
- Require /sbin/start_daemon: both init scripts, the one used in
systemd context as well as legacy sysv, make use of start_daemon.
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2020-1701
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
4.9 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
76 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1100369 | self |
| https://bugzilla.suse.com/1109160 | self |
| https://bugzilla.suse.com/1118367 | self |
| https://bugzilla.suse.com/1118368 | self |
| https://bugzilla.suse.com/1128220 | self |
| https://bugzilla.suse.com/1156205 | self |
| https://bugzilla.suse.com/1157051 | self |
| https://bugzilla.suse.com/1161168 | self |
| https://bugzilla.suse.com/1170667 | self |
| https://bugzilla.suse.com/1170713 | self |
| https://bugzilla.suse.com/1171313 | self |
| https://bugzilla.suse.com/1171740 | self |
| https://bugzilla.suse.com/1172958 | self |
| https://bugzilla.suse.com/1173307 | self |
| https://bugzilla.suse.com/1173311 | self |
| https://bugzilla.suse.com/1173983 | self |
| https://bugzilla.suse.com/1175443 | self |
| https://bugzilla.suse.com/1176092 | self |
| https://bugzilla.suse.com/1176674 | self |
| https://bugzilla.suse.com/906079 | self |
| https://www.suse.com/security/cve/CVE-2017-3136/ | self |
| https://www.suse.com/security/cve/CVE-2018-5741/ | self |
| https://www.suse.com/security/cve/CVE-2019-6477/ | self |
| https://www.suse.com/security/cve/CVE-2020-8616/ | self |
| https://www.suse.com/security/cve/CVE-2020-8617/ | self |
| https://www.suse.com/security/cve/CVE-2020-8618/ | self |
| https://www.suse.com/security/cve/CVE-2020-8619/ | self |
| https://www.suse.com/security/cve/CVE-2020-8620/ | self |
| https://www.suse.com/security/cve/CVE-2020-8621/ | self |
| https://www.suse.com/security/cve/CVE-2020-8622/ | self |
| https://www.suse.com/security/cve/CVE-2020-8623/ | self |
| https://www.suse.com/security/cve/CVE-2020-8624/ | self |
| https://www.suse.com/security/cve/CVE-2017-3136 | external |
| https://bugzilla.suse.com/1018700 | external |
| https://bugzilla.suse.com/1018701 | external |
| https://bugzilla.suse.com/1018702 | external |
| https://bugzilla.suse.com/1024130 | external |
| https://bugzilla.suse.com/1033461 | external |
| https://bugzilla.suse.com/1033466 | external |
| https://bugzilla.suse.com/1081545 | external |
| https://www.suse.com/security/cve/CVE-2018-5741 | external |
| https://bugzilla.suse.com/1109160 | external |
| https://bugzilla.suse.com/1171740 | external |
| https://www.suse.com/security/cve/CVE-2019-6477 | external |
| https://bugzilla.suse.com/1157051 | external |
| https://bugzilla.suse.com/1197136 | external |
| https://www.suse.com/security/cve/CVE-2020-8616 | external |
| https://bugzilla.suse.com/1109160 | external |
| https://bugzilla.suse.com/1171740 | external |
| https://www.suse.com/security/cve/CVE-2020-8617 | external |
| https://bugzilla.suse.com/1109160 | external |
| https://bugzilla.suse.com/1171740 | external |
| https://www.suse.com/security/cve/CVE-2020-8618 | external |
| https://bugzilla.suse.com/1172958 | external |
| https://www.suse.com/security/cve/CVE-2020-8619 | external |
| https://bugzilla.suse.com/1172958 | external |
| https://www.suse.com/security/cve/CVE-2020-8620 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8621 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8622 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1188888 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8623 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
| https://www.suse.com/security/cve/CVE-2020-8624 | external |
| https://bugzilla.suse.com/1175443 | external |
| https://bugzilla.suse.com/1191120 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for bind",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for bind fixes the following issues:\n\nBIND was upgraded to version 9.16.6:\n\nNote:\n\n- bind is now more strict in regards to DNSSEC. If queries are not working,\n check for DNSSEC issues. For instance, if bind is used in a namserver\n forwarder chain, the forwarding DNS servers must support DNSSEC.\n\nFixing security issues:\n\n- CVE-2020-8616: Further limit the number of queries that can be triggered from\n a request. Root and TLD servers are no longer exempt\n from max-recursion-queries. Fetches for missing name server. (bsc#1171740)\n Address records are limited to 4 for any domain.\n- CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an\n assertion failure. (bsc#1171740)\n- CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass \n the tcp-clients limit (bsc#1157051).\n- CVE-2018-5741: Fixed the documentation (bsc#1109160).\n- CVE-2020-8618: It was possible to trigger an INSIST when determining\n whether a record would fit into a TCP message buffer (bsc#1172958).\n- CVE-2020-8619: It was possible to trigger an INSIST in\n lib/dns/rbtdb.c:new_reference() with a particular zone content\n and query patterns (bsc#1172958).\n- CVE-2020-8624: \u0027update-policy\u0027 rules of type \u0027subdomain\u0027 were\n incorrectly treated as \u0027zonesub\u0027 rules, which allowed\n keys used in \u0027subdomain\u0027 rules to update names outside\n of the specified subdomains. The problem was fixed by\n making sure \u0027subdomain\u0027 rules are again processed as\n described in the ARM (bsc#1175443).\n- CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it\n was possible to trigger an assertion failure in code\n determining the number of bits in the PKCS#11 RSA public\n key with a specially crafted packet (bsc#1175443).\n- CVE-2020-8621: named could crash in certain query resolution scenarios\n where QNAME minimization and forwarding were both\n enabled (bsc#1175443).\n- CVE-2020-8620: It was possible to trigger an assertion failure by\n sending a specially crafted large TCP DNS message (bsc#1175443).\n- CVE-2020-8622: It was possible to trigger an assertion failure when\n verifying the response to a TSIG-signed request (bsc#1175443).\n\nOther issues fixed:\n\n- Add engine support to OpenSSL EdDSA implementation.\n- Add engine support to OpenSSL ECDSA implementation.\n- Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.\n- Warn about AXFR streams with inconsistent message IDs.\n- Make ISC rwlock implementation the default again.\n- Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168)\n- Installed the default files in /var/lib/named and created \n chroot environment on systems using transactional-updates (bsc#1100369, fate#325524)\n- Fixed an issue where bind was not working in FIPS mode (bsc#906079).\n- Fixed dependency issues (bsc#1118367 and bsc#1118368).\n- GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205).\n- Fixed an issue with FIPS (bsc#1128220).\n- The liblwres library is discontinued upstream and is no longer included.\n- Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713).\n- Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE.\n- The default value of \u0027max-stale-ttl\u0027 has been changed from 1 week to 12 hours.\n- Zone timers are now exported via statistics channel.\n- The \u0027primary\u0027 and \u0027secondary\u0027 keywords, when used as parameters for \u0027check-names\u0027, were not processed correctly and were being ignored.\n- \u0027rndc dnstap -roll \u003cvalue\u003e\u0027 did not limit the number of saved files to \u003cvalue\u003e.\n- Add \u0027rndc dnssec -status\u0027 command.\n- Addressed a couple of situations where named could crash.\n- Changed /var/lib/named to owner root:named and perms rwxrwxr-t\n so that named, being a/the only member of the \u0027named\u0027 group\n has full r/w access yet cannot change directories owned by root\n in the case of a compromized named.\n [bsc#1173307, bind-chrootenv.conf]\n- Added \u0027/etc/bind.keys\u0027 to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983).\n- Removed \u0027-r /dev/urandom\u0027 from all invocations of rndc-confgen\n (init/named system/lwresd.init system/named.init in vendor-files)\n as this option is deprecated and causes rndc-confgen to fail.\n (bsc#1173311, bsc#1176674, bsc#1170713)\n- /usr/bin/genDDNSkey: Removing the use of the -r option in the call\n of /usr/sbin/dnssec-keygen as BIND now uses the random number\n functions provided by the crypto library (i.e., OpenSSL or a\n PKCS#11 provider) as a source of randomness rather than /dev/random.\n Therefore the -r command line option no longer has any effect on\n dnssec-keygen. Leaving the option in genDDNSkey as to not break\n compatibility. Patch provided by Stefan Eisenwiener.\n [bsc#1171313]\n- Put libns into a separate subpackage to avoid file conflicts\n in the libisc subpackage due to different sonums (bsc#1176092).\n- Require /sbin/start_daemon: both init scripts, the one used in\n systemd context as well as legacy sysv, make use of start_daemon.\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1701",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1701-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1701-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5DSIJXYG3NFNRGFIFTMKBYDE6QWREQSP/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1701-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5DSIJXYG3NFNRGFIFTMKBYDE6QWREQSP/"
},
{
"category": "self",
"summary": "SUSE Bug 1100369",
"url": "https://bugzilla.suse.com/1100369"
},
{
"category": "self",
"summary": "SUSE Bug 1109160",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "self",
"summary": "SUSE Bug 1118367",
"url": "https://bugzilla.suse.com/1118367"
},
{
"category": "self",
"summary": "SUSE Bug 1118368",
"url": "https://bugzilla.suse.com/1118368"
},
{
"category": "self",
"summary": "SUSE Bug 1128220",
"url": "https://bugzilla.suse.com/1128220"
},
{
"category": "self",
"summary": "SUSE Bug 1156205",
"url": "https://bugzilla.suse.com/1156205"
},
{
"category": "self",
"summary": "SUSE Bug 1157051",
"url": "https://bugzilla.suse.com/1157051"
},
{
"category": "self",
"summary": "SUSE Bug 1161168",
"url": "https://bugzilla.suse.com/1161168"
},
{
"category": "self",
"summary": "SUSE Bug 1170667",
"url": "https://bugzilla.suse.com/1170667"
},
{
"category": "self",
"summary": "SUSE Bug 1170713",
"url": "https://bugzilla.suse.com/1170713"
},
{
"category": "self",
"summary": "SUSE Bug 1171313",
"url": "https://bugzilla.suse.com/1171313"
},
{
"category": "self",
"summary": "SUSE Bug 1171740",
"url": "https://bugzilla.suse.com/1171740"
},
{
"category": "self",
"summary": "SUSE Bug 1172958",
"url": "https://bugzilla.suse.com/1172958"
},
{
"category": "self",
"summary": "SUSE Bug 1173307",
"url": "https://bugzilla.suse.com/1173307"
},
{
"category": "self",
"summary": "SUSE Bug 1173311",
"url": "https://bugzilla.suse.com/1173311"
},
{
"category": "self",
"summary": "SUSE Bug 1173983",
"url": "https://bugzilla.suse.com/1173983"
},
{
"category": "self",
"summary": "SUSE Bug 1175443",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "self",
"summary": "SUSE Bug 1176092",
"url": "https://bugzilla.suse.com/1176092"
},
{
"category": "self",
"summary": "SUSE Bug 1176674",
"url": "https://bugzilla.suse.com/1176674"
},
{
"category": "self",
"summary": "SUSE Bug 906079",
"url": "https://bugzilla.suse.com/906079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3136 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5741 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6477 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8616 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8617 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8618 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8619 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8620 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8621 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8622 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8623 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8624 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8624/"
}
],
"title": "Security update for bind",
"tracking": {
"current_release_date": "2020-10-20T04:20:51Z",
"generator": {
"date": "2020-10-20T04:20:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1701-1",
"initial_release_date": "2020-10-20T04:20:51Z",
"revision_history": [
{
"date": "2020-10-20T04:20:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "bind-9.16.6-lp151.11.9.1.i586",
"product_id": "bind-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"product_id": "bind-chrootenv-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "bind-devel-9.16.6-lp151.11.9.1.i586",
"product_id": "bind-devel-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "bind-utils-9.16.6-lp151.11.9.1.i586",
"product_id": "bind-utils-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libbind9-1600-9.16.6-lp151.11.9.1.i586",
"product_id": "libbind9-1600-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libdns1605-9.16.6-lp151.11.9.1.i586",
"product_id": "libdns1605-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libirs-devel-9.16.6-lp151.11.9.1.i586",
"product_id": "libirs-devel-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libirs1601-9.16.6-lp151.11.9.1.i586",
"product_id": "libirs1601-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libisc1606-9.16.6-lp151.11.9.1.i586",
"product_id": "libisc1606-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libisccc1600-9.16.6-lp151.11.9.1.i586",
"product_id": "libisccc1600-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libisccfg1600-9.16.6-lp151.11.9.1.i586",
"product_id": "libisccfg1600-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-lp151.11.9.1.i586",
"product": {
"name": "libns1604-9.16.6-lp151.11.9.1.i586",
"product_id": "libns1604-9.16.6-lp151.11.9.1.i586"
}
},
{
"category": "product_version",
"name": "libuv-devel-1.18.0-lp151.3.3.1.i586",
"product": {
"name": "libuv-devel-1.18.0-lp151.3.3.1.i586",
"product_id": "libuv-devel-1.18.0-lp151.3.3.1.i586"
}
},
{
"category": "product_version",
"name": "libuv1-1.18.0-lp151.3.3.1.i586",
"product": {
"name": "libuv1-1.18.0-lp151.3.3.1.i586",
"product_id": "libuv1-1.18.0-lp151.3.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-doc-9.16.6-lp151.11.9.1.noarch",
"product": {
"name": "bind-doc-9.16.6-lp151.11.9.1.noarch",
"product_id": "bind-doc-9.16.6-lp151.11.9.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-bind-9.16.6-lp151.11.9.1.noarch",
"product": {
"name": "python3-bind-9.16.6-lp151.11.9.1.noarch",
"product_id": "python3-bind-9.16.6-lp151.11.9.1.noarch"
}
},
{
"category": "product_version",
"name": "sysuser-shadow-2.0-lp151.4.3.1.noarch",
"product": {
"name": "sysuser-shadow-2.0-lp151.4.3.1.noarch",
"product_id": "sysuser-shadow-2.0-lp151.4.3.1.noarch"
}
},
{
"category": "product_version",
"name": "sysuser-tools-2.0-lp151.4.3.1.noarch",
"product": {
"name": "sysuser-tools-2.0-lp151.4.3.1.noarch",
"product_id": "sysuser-tools-2.0-lp151.4.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "bind-9.16.6-lp151.11.9.1.x86_64",
"product_id": "bind-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"product_id": "bind-chrootenv-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "bind-devel-9.16.6-lp151.11.9.1.x86_64",
"product_id": "bind-devel-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "bind-utils-9.16.6-lp151.11.9.1.x86_64",
"product_id": "bind-utils-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libbind9-1600-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns1605-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libdns1605-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libdns1605-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libirs-devel-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs1601-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libirs1601-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libirs1601-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc1606-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libisc1606-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libisc1606-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libisccc1600-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libisccfg1600-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libns1604-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libns1604-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libns1604-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"product": {
"name": "libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"product_id": "libns1604-32bit-9.16.6-lp151.11.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"product": {
"name": "libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"product_id": "libuv-devel-1.18.0-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuv1-1.18.0-lp151.3.3.1.x86_64",
"product": {
"name": "libuv1-1.18.0-lp151.3.3.1.x86_64",
"product_id": "libuv1-1.18.0-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"product": {
"name": "libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"product_id": "libuv1-32bit-1.18.0-lp151.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "bind-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "bind-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "bind-devel-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "bind-devel-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.6-lp151.11.9.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch"
},
"product_reference": "bind-doc-9.16.6-lp151.11.9.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "bind-utils-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "bind-utils-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libbind9-1600-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libdns1605-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libdns1605-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libirs-devel-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libirs1601-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libirs1601-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libisc1606-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libisc1606-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libisccc1600-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libisccfg1600-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-lp151.11.9.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586"
},
"product_reference": "libns1604-9.16.6-lp151.11.9.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libns1604-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libns1604-32bit-9.16.6-lp151.11.9.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64"
},
"product_reference": "libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv-devel-1.18.0-lp151.3.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586"
},
"product_reference": "libuv-devel-1.18.0-lp151.3.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv-devel-1.18.0-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64"
},
"product_reference": "libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv1-1.18.0-lp151.3.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586"
},
"product_reference": "libuv1-1.18.0-lp151.3.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv1-1.18.0-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64"
},
"product_reference": "libuv1-1.18.0-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuv1-32bit-1.18.0-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64"
},
"product_reference": "libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.6-lp151.11.9.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch"
},
"product_reference": "python3-bind-9.16.6-lp151.11.9.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sysuser-shadow-2.0-lp151.4.3.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch"
},
"product_reference": "sysuser-shadow-2.0-lp151.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "sysuser-tools-2.0-lp151.4.3.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
},
"product_reference": "sysuser-tools-2.0-lp151.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3136"
}
],
"notes": [
{
"category": "general",
"text": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3136",
"url": "https://www.suse.com/security/cve/CVE-2017-3136"
},
{
"category": "external",
"summary": "SUSE Bug 1018700 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "external",
"summary": "SUSE Bug 1018701 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "external",
"summary": "SUSE Bug 1018702 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "external",
"summary": "SUSE Bug 1024130 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1024130"
},
{
"category": "external",
"summary": "SUSE Bug 1033461 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1033461"
},
{
"category": "external",
"summary": "SUSE Bug 1033466 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1033466"
},
{
"category": "external",
"summary": "SUSE Bug 1081545 for CVE-2017-3136",
"url": "https://bugzilla.suse.com/1081545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "important"
}
],
"title": "CVE-2017-3136"
},
{
"cve": "CVE-2018-5741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5741"
}
],
"notes": [
{
"category": "general",
"text": "To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM at that time incorrectly described the behavior of two rule types, krb5-subdomain and ms-subdomain. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. This affects BIND versions prior to BIND 9.11.5 and BIND 9.12.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5741",
"url": "https://www.suse.com/security/cve/CVE-2018-5741"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2018-5741",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2018-5741",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "moderate"
}
],
"title": "CVE-2018-5741"
},
{
"cve": "CVE-2019-6477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6477"
}
],
"notes": [
{
"category": "general",
"text": "With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6477",
"url": "https://www.suse.com/security/cve/CVE-2019-6477"
},
{
"category": "external",
"summary": "SUSE Bug 1157051 for CVE-2019-6477",
"url": "https://bugzilla.suse.com/1157051"
},
{
"category": "external",
"summary": "SUSE Bug 1197136 for CVE-2019-6477",
"url": "https://bugzilla.suse.com/1197136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "important"
}
],
"title": "CVE-2019-6477"
},
{
"cve": "CVE-2020-8616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8616"
}
],
"notes": [
{
"category": "general",
"text": "A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8616",
"url": "https://www.suse.com/security/cve/CVE-2020-8616"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2020-8616",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2020-8616",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "moderate"
}
],
"title": "CVE-2020-8616"
},
{
"cve": "CVE-2020-8617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8617"
}
],
"notes": [
{
"category": "general",
"text": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8617",
"url": "https://www.suse.com/security/cve/CVE-2020-8617"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2020-8617",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2020-8617",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "moderate"
}
],
"title": "CVE-2020-8617"
},
{
"cve": "CVE-2020-8618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8618"
}
],
"notes": [
{
"category": "general",
"text": "An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8618",
"url": "https://www.suse.com/security/cve/CVE-2020-8618"
},
{
"category": "external",
"summary": "SUSE Bug 1172958 for CVE-2020-8618",
"url": "https://bugzilla.suse.com/1172958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "moderate"
}
],
"title": "CVE-2020-8618"
},
{
"cve": "CVE-2020-8619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8619"
}
],
"notes": [
{
"category": "general",
"text": "In ISC BIND9 versions BIND 9.11.14 -\u003e 9.11.19, BIND 9.14.9 -\u003e 9.14.12, BIND 9.16.0 -\u003e 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -\u003e 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (\"*\") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8619",
"url": "https://www.suse.com/security/cve/CVE-2020-8619"
},
{
"category": "external",
"summary": "SUSE Bug 1172958 for CVE-2020-8619",
"url": "https://bugzilla.suse.com/1172958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "moderate"
}
],
"title": "CVE-2020-8619"
},
{
"cve": "CVE-2020-8620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8620"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.15.6 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8620",
"url": "https://www.suse.com/security/cve/CVE-2020-8620"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8620",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8620",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "important"
}
],
"title": "CVE-2020-8620"
},
{
"cve": "CVE-2020-8621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8621"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, If a server is configured with both QNAME minimization and \u0027forward first\u0027 then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \u0027forward only\u0027 are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8621",
"url": "https://www.suse.com/security/cve/CVE-2020-8621"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8621",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8621",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "important"
}
],
"title": "CVE-2020-8621"
},
{
"cve": "CVE-2020-8622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8622"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8622",
"url": "https://www.suse.com/security/cve/CVE-2020-8622"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1188888 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1188888"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "important"
}
],
"title": "CVE-2020-8622"
},
{
"cve": "CVE-2020-8623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8623"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8623",
"url": "https://www.suse.com/security/cve/CVE-2020-8623"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8623",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8623",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "important"
}
],
"title": "CVE-2020-8623"
},
{
"cve": "CVE-2020-8624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8624"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.9.12 -\u003e 9.9.13, 9.10.7 -\u003e 9.10.8, 9.11.3 -\u003e 9.11.21, 9.12.1 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.12-S1 -\u003e 9.9.13-S1, 9.11.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone\u0027s content could abuse these unintended additional privileges to update other contents of the zone.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8624",
"url": "https://www.suse.com/security/cve/CVE-2020-8624"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8624",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8624",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:bind-utils-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libbind9-1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libdns1605-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libirs1601-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisc1606-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccc1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libisccfg1600-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-32bit-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.i586",
"openSUSE Leap 15.1:libns1604-9.16.6-lp151.11.9.1.x86_64",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv-devel-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.i586",
"openSUSE Leap 15.1:libuv1-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:libuv1-32bit-1.18.0-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.16.6-lp151.11.9.1.noarch",
"openSUSE Leap 15.1:sysuser-shadow-2.0-lp151.4.3.1.noarch",
"openSUSE Leap 15.1:sysuser-tools-2.0-lp151.4.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-20T04:20:51Z",
"details": "important"
}
],
"title": "CVE-2020-8624"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…