59 matches found
CLSA-2022-1664476612 Fixed CVE-2022-2795 in bind
CVE-2022-2795: fix possible resolver performance degradation when processing large delegations...
CLSA-2022-1664475836 Fixed CVE-2022-2795 in bind
CVE-2022-2795: fix possible resolver performance degradation when processing large delegations...
CLSA-2022-1664475166 Fix CVE(s): CVE-2022-38177, CVE-2022-2795
SECURITY UPDATE: degrade resolver performance - debian/patches/CVE-2022-2795.patch: adds limits in fctxgetaddresses to avoid spending excessive amounts of time on processing large delegations in resolver code in lib/dns/resolver.c. - CVE-2022-2795 SECURITY UPDATE: memory leak -...
Processing large delegations may severely degrade resolver performance
...
Debian DSA-5235-1 : bind9 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5235 advisory. Several vulnerabilities were discovered in BIND, a DNS server implementation. CVE-2022-2795 Yehuda Afek, Anat Bremler-Barr and Shani Stajnrod discovered that a fl...
SUSE-SU-2022:2713-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance bsc1192146. - CVE-2021-25220: Fixed potentially incorrect answers by cached forwarders bsc1197135. - CVE-2022-0396: Fixed a incorrect handling of...
Security update for bind (moderate)
SUSE Security Update: Security update for bind Announcement ID: openSUSE-SU-2022:0151-1 Rating: moderate References: 1192146 1199370 Cross-References: CVE-2021-25219 CVE-2022-27114 CVSS scores: CVE-2021-25219 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-25219 SUSE: 5.3...
RHEL 8 : bind (RHSA-2022:2092)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:2092 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable, Inc...
RLSA-2022:2092 Moderate: bind security, bug fix, and enhancement update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. The following...
EulerOS Virtualization 2.10.1 : bind (EulerOS-SA-2022-1368)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview...
EulerOS 2.0 SP5 : bind (EulerOS-SA-2022-1261)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as wel...
SUSE SLED15: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2022:0151-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0151-1 advisory. - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance bsc1192146. Tenab...
OPENSUSE-SU-2022:0151-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance bsc1192146...
SUSE-SU-2022:0151-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance bsc1192146...
CLSA-2021-1639681836 Fix CVE(s): CVE-2021-25219
SECURITY UPDATE: resolver performance degradation via lame cache abuse - debian/patches/CVE-2021-25219.patch: disable lame cache in bin/named/config.c, bin/named/server.c, lib/dns/resolver.c. - CVE-2021-25219...
Lame cache can be abused to severely degrade resolver performance
...
OESA-2021-1459 bind security update
Domain Name System DNS Server. Security Fixes: In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken...
OPENSUSE-SU-2021:1502-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25219: Fixed lame cache that could have been abused to severely degrade resolver performance bsc1192146. This update was imported from the SUSE:SLE-15:Update update project...
SUSE SLED15: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2021:3773-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3773-1 advisory. - CVE-2021-25219: Fixed lame cache that could have been abused to severely degrade resolver performance bsc1192146. Tenable has extracted the...
OPENSUSE-SU-2021:3773-1 Security update for bind
This update for bind fixes the following issues: - CVE-2021-25219: Fixed lame cache that could have been abused to severely degrade resolver performance bsc1192146...