Lucene search
SuseOPENSUSE-SU-2021:1826-1HistoryJul 11, 2021 - 12:00 a.m.
Security update for bind (important)
2021-07-1100:00:00
lists.opensuse.org
13
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
An update that fixes two vulnerabilities is now available.
Description:
This update for bind fixes the following issues:
- CVE-2021-25214: Fixed a broken inbound incremental zone update (IXFR)
which could have caused named to terminate unexpectedly (bsc#1185345). - CVE-2021-25215: Fixed an assertion check which could have failed while
answering queries for DNAME records that required the DNAME to be
processed to resolve itself (bsc#1185345). - Switched from /var/run to /run (bsc#1185073)
- Hardening: Compiled binary with PIE flags to make it position independent
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1826=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.3 | aarch64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm | |
| openSUSE Leap | 15.3 | ppc64le | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm | |
| openSUSE Leap | 15.3 | s390x | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm | |
| openSUSE Leap | 15.3 | x86_64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.3 | noarch | < - openSUSE Leap 15.3 (noarch): | - openSUSE Leap 15.3 (noarch):.noarch.rpm |
Related
nessus
nessus
EulerOS Virtualization 2.9.1 : bind (EulerOS-SA-2021-2180)
2021-07-13 00:00:00
EulerOS 2.0 SP3 : bind (EulerOS-SA-2021-2572)
2021-10-25 00:00:00
SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2021:1471-1)
2021-05-05 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:1468-1)
2021-06-09 00:00:00
Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2021-47f23870ec)
2021-05-09 00:00:00
Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2021-2236)
2021-08-09 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: bind-9.16.15-1.fc34
2021-05-06 01:03:22
[SECURITY] Fedora 33 Update: bind-9.11.31-1.fc33
2021-05-09 01:16:34
[SECURITY] Fedora 34 Update: bind-dyndb-ldap-11.7-3.fc34
2021-05-06 01:03:22
ibm
ibm
altlinux
altlinux
Security fix for the ALT Linux 8 package bind version 9.10.8.P1-alt4
2021-05-13 00:00:00
Security fix for the ALT Linux 10 package bind version 9.11.31-alt1
2021-04-29 00:00:00
Security fix for the ALT Linux 9 package bind version 9.11.31-alt1
2021-05-12 00:00:00
suse
suse
Security update for bind (important)
2021-05-04 00:00:00
debian
debian
[SECURITY] [DSA 4909-1] bind9 security update
2021-05-01 09:09:48
[SECURITY] [DSA 4909-1] bind9 security update
2021-05-01 09:09:48
[SECURITY] [DLA 2647-1] bind9 security update
2021-05-04 10:21:23
osv
osv
bind9 vulnerabilities
2021-04-29 11:11:53
bind9 - security update
2021-05-01 00:00:00
bind9 - security update
2021-05-04 00:00:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-25215, CVE-2021-25214, CVE-2021-25216
2021-09-21 22:01:45
archlinux
archlinux
[ASA-202104-10] bind: multiple issues
2021-04-29 00:00:00
slackware
slackware
[slackware-security] bind
2021-04-29 01:41:22
ubuntu
ubuntu
Bind vulnerabilities
2021-04-29 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0240
2021-05-20 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0348
2021-05-20 00:00:00
Critical Photon OS Security Update - PHSA-2021-3.0-0240
2021-05-20 00:00:00
mageia
mageia
Updated bind packages fix security vulnerabilities
2021-05-23 21:45:17
Updated bind packages fix a security vulnerability
2021-06-23 20:11:28
redhatcve
redhatcve
CVE-2021-25214
2021-04-29 03:48:29
CVE-2021-25215
2021-04-29 03:48:29
f5
f5
K11426315 : BIND vulnerability CVE-2021-25214
2021-05-18 00:00:00
K96223611 : BIND vulnerability CVE-2021-25215
2021-05-18 00:00:00
cve
cve
CVE-2021-25214
2021-04-29 01:15:00
CVE-2021-25215
2021-04-29 01:15:00
redhat
redhat
(RHSA-2021:3325) Moderate: bind security update
2021-08-31 07:44:44
(RHSA-2021:1478) Important: bind security update
2021-05-03 05:52:03
(RHSA-2021:1475) Important: bind security update
2021-05-03 05:51:41
debiancve
debiancve
CVE-2021-25214
2021-04-29 01:15:00
CVE-2021-25215
2021-04-29 01:15:00
almalinux
almalinux
Moderate: bind security and bug fix update
2021-11-09 09:16:00
Important: bind security update
2021-05-18 17:09:01
prion
prion
Code injection
2021-04-29 01:15:00
Authentication flaw
2021-04-29 01:15:00
centos
centos
bind security update
2021-09-01 13:02:58
bind security update
2021-04-29 18:00:19
rocky
rocky
bind security and bug fix update
2021-11-09 09:16:00
bind security update
2021-05-18 17:09:01
amazon
amazon
oraclelinux
oraclelinux
bind security update
2021-05-26 00:00:00
bind security update
2021-05-01 00:00:00
bind security and bug fix update
2021-11-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-25215 affecting package bind 9.16.3-3
2021-05-16 16:46:11
CVE-2021-25214 affecting package bind 9.16.3-3
2021-05-16 16:46:11
alpinelinux
alpinelinux
CVE-2021-25214
2021-04-29 01:15:00
CVE-2021-25215
2021-04-29 01:15:00
ubuntucve
ubuntucve
CVE-2021-25214
2021-04-28 00:00:00
CVE-2021-25215
2021-04-28 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-05-01 10:32:42
Denial Of Service(DoS)
2021-05-01 10:32:38
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related for OPENSUSE-SU-2021:1826-1