EulerOS Virtualization 3.0.2.0 : ldns (EulerOS-SA-2022-1700)

According to the versions of the ldns package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When ldns version 1.7.1 verifies a zone file, the ldnsrrnewfrmstrinternal function has a heap out of bounds read vulnerability. An...

openSUSE 15 Security Update : ldns (openSUSE-SU-2022:0675-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0675-1 advisory. - When ldns version 1.7.1 verifies a zone file, the ldnsrrnewfrmstrinternal function has a heap out of bounds read vulnerability. An attack...

Security update for ldns (moderate)

openSUSE Security Update: Security update for ldns Announcement ID: openSUSE-SU-2022:0675-1 Rating: moderate References: 1195057 1195058 Cross-References: CVE-2020-19860 CVE-2020-19861 CVSS scores: CVE-2020-19860 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2020-19860 SUSE: 4.4...

CVE-2020-19861

When a zone file in ldns 1.7.1 is parsed, the function ldnsnsec3saltdata is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldnsrdfsizesaltrdf byte data can be copied, causing heap overflow information leakage...

CVE-2020-19861

When a zone file in ldns 1.7.1 is parsed, the function ldnsnsec3saltdata is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldnsrdfsizesaltrdf byte data can be copied, causing heap overflow information leakage...

CVE-2020-19861

CVE-2020-19861 (ldns 1.7.1): The parser trusts the length value from a zone file too much in ldns_nsec3_salt_data, allowing 0xfe bytes of salt_rdf to be copied and causing heap overflow information leakage. Relatedly, CVE-2020-19860 describes a heap-out-of-bounds read in ldns_rr_new_frm_str_inter...