bind-9.18.2-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12081 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z bind-9.18.2-1.1 on GA media These are all security issues fixed in the bind-9.18.2-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12081 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12081 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2021-25220/ SUSE CVE CVE-2021-25220 page https://www.suse.com/security/cve/CVE-2022-0396/ SUSE CVE CVE-2022-0396 page https://www.suse.com/security/cve/CVE-2022-0635/ SUSE CVE CVE-2022-0635 page https://www.suse.com/security/cve/CVE-2022-0667/ SUSE CVE CVE-2022-0667 page openSUSE Tumbleweed bind-9.18.2-1.1 bind-doc-9.18.2-1.1 bind-modules-bdbhpt-9.18.2-1.1 bind-modules-generic-9.18.2-1.1 bind-modules-ldap-9.18.2-1.1 bind-modules-mysql-9.18.2-1.1 bind-modules-perl-9.18.2-1.1 bind-modules-sqlite3-9.18.2-1.1 bind-utils-9.18.2-1.1 bind-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-doc-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-modules-bdbhpt-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-modules-generic-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-modules-ldap-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-modules-mysql-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-modules-perl-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-modules-sqlite3-9.18.2-1.1 as a component of openSUSE Tumbleweed bind-utils-9.18.2-1.1 as a component of openSUSE Tumbleweed BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. CVE-2021-25220 openSUSE Tumbleweed:bind-9.18.2-1.1 openSUSE Tumbleweed:bind-doc-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-bdbhpt-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-generic-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-ldap-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-mysql-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-perl-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-sqlite3-9.18.2-1.1 openSUSE Tumbleweed:bind-utils-9.18.2-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-25220.html CVE-2021-25220 https://bugzilla.suse.com/1197135 SUSE Bug 1197135 BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection. CVE-2022-0396 openSUSE Tumbleweed:bind-9.18.2-1.1 openSUSE Tumbleweed:bind-doc-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-bdbhpt-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-generic-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-ldap-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-mysql-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-perl-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-sqlite3-9.18.2-1.1 openSUSE Tumbleweed:bind-utils-9.18.2-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0396.html CVE-2022-0396 https://bugzilla.suse.com/1197136 SUSE Bug 1197136 Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check. CVE-2022-0635 openSUSE Tumbleweed:bind-9.18.2-1.1 openSUSE Tumbleweed:bind-doc-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-bdbhpt-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-generic-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-ldap-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-mysql-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-perl-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-sqlite3-9.18.2-1.1 openSUSE Tumbleweed:bind-utils-9.18.2-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0635.html CVE-2022-0635 https://bugzilla.suse.com/1197137 SUSE Bug 1197137 When the vulnerability is triggered the BIND process will exit. BIND 9.18.0 CVE-2022-0667 openSUSE Tumbleweed:bind-9.18.2-1.1 openSUSE Tumbleweed:bind-doc-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-bdbhpt-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-generic-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-ldap-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-mysql-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-perl-9.18.2-1.1 openSUSE Tumbleweed:bind-modules-sqlite3-9.18.2-1.1 openSUSE Tumbleweed:bind-utils-9.18.2-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-0667.html CVE-2022-0667 https://bugzilla.suse.com/1197138 SUSE Bug 1197138