Vulnerability from csaf_opensuse
Published
2020-10-19 18:22
Modified
2020-10-19 18:22
Summary
Security update for bind
Notes
Title of the patch
Security update for bind
Description of the patch
This update for bind fixes the following issues:
BIND was upgraded to version 9.16.6:
Note:
- bind is now more strict in regards to DNSSEC. If queries are not working,
check for DNSSEC issues. For instance, if bind is used in a namserver
forwarder chain, the forwarding DNS servers must support DNSSEC.
Fixing security issues:
- CVE-2020-8616: Further limit the number of queries that can be triggered from
a request. Root and TLD servers are no longer exempt
from max-recursion-queries. Fetches for missing name server. (bsc#1171740)
Address records are limited to 4 for any domain.
- CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an
assertion failure. (bsc#1171740)
- CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass
the tcp-clients limit (bsc#1157051).
- CVE-2018-5741: Fixed the documentation (bsc#1109160).
- CVE-2020-8618: It was possible to trigger an INSIST when determining
whether a record would fit into a TCP message buffer (bsc#1172958).
- CVE-2020-8619: It was possible to trigger an INSIST in
lib/dns/rbtdb.c:new_reference() with a particular zone content
and query patterns (bsc#1172958).
- CVE-2020-8624: 'update-policy' rules of type 'subdomain' were
incorrectly treated as 'zonesub' rules, which allowed
keys used in 'subdomain' rules to update names outside
of the specified subdomains. The problem was fixed by
making sure 'subdomain' rules are again processed as
described in the ARM (bsc#1175443).
- CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it
was possible to trigger an assertion failure in code
determining the number of bits in the PKCS#11 RSA public
key with a specially crafted packet (bsc#1175443).
- CVE-2020-8621: named could crash in certain query resolution scenarios
where QNAME minimization and forwarding were both
enabled (bsc#1175443).
- CVE-2020-8620: It was possible to trigger an assertion failure by
sending a specially crafted large TCP DNS message (bsc#1175443).
- CVE-2020-8622: It was possible to trigger an assertion failure when
verifying the response to a TSIG-signed request (bsc#1175443).
Other issues fixed:
- Add engine support to OpenSSL EdDSA implementation.
- Add engine support to OpenSSL ECDSA implementation.
- Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.
- Warn about AXFR streams with inconsistent message IDs.
- Make ISC rwlock implementation the default again.
- Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168)
- Installed the default files in /var/lib/named and created
chroot environment on systems using transactional-updates (bsc#1100369, fate#325524)
- Fixed an issue where bind was not working in FIPS mode (bsc#906079).
- Fixed dependency issues (bsc#1118367 and bsc#1118368).
- GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205).
- Fixed an issue with FIPS (bsc#1128220).
- The liblwres library is discontinued upstream and is no longer included.
- Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713).
- Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE.
- The default value of 'max-stale-ttl' has been changed from 1 week to 12 hours.
- Zone timers are now exported via statistics channel.
- The 'primary' and 'secondary' keywords, when used as parameters for 'check-names', were not processed correctly and were being ignored.
- 'rndc dnstap -roll <value>' did not limit the number of saved files to <value>.
- Add 'rndc dnssec -status' command.
- Addressed a couple of situations where named could crash.
- Changed /var/lib/named to owner root:named and perms rwxrwxr-t
so that named, being a/the only member of the 'named' group
has full r/w access yet cannot change directories owned by root
in the case of a compromized named.
[bsc#1173307, bind-chrootenv.conf]
- Added '/etc/bind.keys' to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983).
- Removed '-r /dev/urandom' from all invocations of rndc-confgen
(init/named system/lwresd.init system/named.init in vendor-files)
as this option is deprecated and causes rndc-confgen to fail.
(bsc#1173311, bsc#1176674, bsc#1170713)
- /usr/bin/genDDNSkey: Removing the use of the -r option in the call
of /usr/sbin/dnssec-keygen as BIND now uses the random number
functions provided by the crypto library (i.e., OpenSSL or a
PKCS#11 provider) as a source of randomness rather than /dev/random.
Therefore the -r command line option no longer has any effect on
dnssec-keygen. Leaving the option in genDDNSkey as to not break
compatibility. Patch provided by Stefan Eisenwiener.
[bsc#1171313]
- Put libns into a separate subpackage to avoid file conflicts
in the libisc subpackage due to different sonums (bsc#1176092).
- Require /sbin/start_daemon: both init scripts, the one used in
systemd context as well as legacy sysv, make use of start_daemon.
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-1699
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for bind", title: "Title of the patch", }, { category: "description", text: "This update for bind fixes the following issues:\n\nBIND was upgraded to version 9.16.6:\n\nNote:\n\n- bind is now more strict in regards to DNSSEC. If queries are not working,\n check for DNSSEC issues. For instance, if bind is used in a namserver\n forwarder chain, the forwarding DNS servers must support DNSSEC.\n\nFixing security issues:\n\n- CVE-2020-8616: Further limit the number of queries that can be triggered from\n a request. Root and TLD servers are no longer exempt\n from max-recursion-queries. Fetches for missing name server. (bsc#1171740)\n Address records are limited to 4 for any domain.\n- CVE-2020-8617: Replaying a TSIG BADTIME response as a request could trigger an\n assertion failure. (bsc#1171740)\n- CVE-2019-6477: Fixed an issue where TCP-pipelined queries could bypass \n the tcp-clients limit (bsc#1157051).\n- CVE-2018-5741: Fixed the documentation (bsc#1109160).\n- CVE-2020-8618: It was possible to trigger an INSIST when determining\n whether a record would fit into a TCP message buffer (bsc#1172958).\n- CVE-2020-8619: It was possible to trigger an INSIST in\n lib/dns/rbtdb.c:new_reference() with a particular zone content\n and query patterns (bsc#1172958).\n- CVE-2020-8624: 'update-policy' rules of type 'subdomain' were\n incorrectly treated as 'zonesub' rules, which allowed\n keys used in 'subdomain' rules to update names outside\n of the specified subdomains. The problem was fixed by\n making sure 'subdomain' rules are again processed as\n described in the ARM (bsc#1175443).\n- CVE-2020-8623: When BIND 9 was compiled with native PKCS#11 support, it\n was possible to trigger an assertion failure in code\n determining the number of bits in the PKCS#11 RSA public\n key with a specially crafted packet (bsc#1175443).\n- CVE-2020-8621: named could crash in certain query resolution scenarios\n where QNAME minimization and forwarding were both\n enabled (bsc#1175443).\n- CVE-2020-8620: It was possible to trigger an assertion failure by\n sending a specially crafted large TCP DNS message (bsc#1175443).\n- CVE-2020-8622: It was possible to trigger an assertion failure when\n verifying the response to a TSIG-signed request (bsc#1175443).\n\nOther issues fixed:\n\n- Add engine support to OpenSSL EdDSA implementation.\n- Add engine support to OpenSSL ECDSA implementation.\n- Update PKCS#11 EdDSA implementation to PKCS#11 v3.0.\n- Warn about AXFR streams with inconsistent message IDs.\n- Make ISC rwlock implementation the default again.\n- Fixed issues when using cookie-secrets for AES and SHA2 (bsc#1161168)\n- Installed the default files in /var/lib/named and created \n chroot environment on systems using transactional-updates (bsc#1100369, fate#325524)\n- Fixed an issue where bind was not working in FIPS mode (bsc#906079).\n- Fixed dependency issues (bsc#1118367 and bsc#1118368).\n- GeoIP support is now discontinued, now GeoIP2 is used(bsc#1156205).\n- Fixed an issue with FIPS (bsc#1128220).\n- The liblwres library is discontinued upstream and is no longer included.\n- Added service dependency on NTP to make sure the clock is accurate when bind is starts (bsc#1170667, bsc#1170713).\n- Reject DS records at the zone apex when loading master files. Log but otherwise ignore attempts to add DS records at the zone apex via UPDATE.\n- The default value of 'max-stale-ttl' has been changed from 1 week to 12 hours.\n- Zone timers are now exported via statistics channel.\n- The 'primary' and 'secondary' keywords, when used as parameters for 'check-names', were not processed correctly and were being ignored.\n- 'rndc dnstap -roll <value>' did not limit the number of saved files to <value>.\n- Add 'rndc dnssec -status' command.\n- Addressed a couple of situations where named could crash.\n- Changed /var/lib/named to owner root:named and perms rwxrwxr-t\n so that named, being a/the only member of the 'named' group\n has full r/w access yet cannot change directories owned by root\n in the case of a compromized named.\n [bsc#1173307, bind-chrootenv.conf]\n- Added '/etc/bind.keys' to NAMED_CONF_INCLUDE_FILES in /etc/sysconfig/named to suppress warning message re missing file (bsc#1173983).\n- Removed '-r /dev/urandom' from all invocations of rndc-confgen\n (init/named system/lwresd.init system/named.init in vendor-files)\n as this option is deprecated and causes rndc-confgen to fail.\n (bsc#1173311, bsc#1176674, bsc#1170713)\n- /usr/bin/genDDNSkey: Removing the use of the -r option in the call\n of /usr/sbin/dnssec-keygen as BIND now uses the random number\n functions provided by the crypto library (i.e., OpenSSL or a\n PKCS#11 provider) as a source of randomness rather than /dev/random.\n Therefore the -r command line option no longer has any effect on\n dnssec-keygen. Leaving the option in genDDNSkey as to not break\n compatibility. Patch provided by Stefan Eisenwiener.\n [bsc#1171313]\n- Put libns into a separate subpackage to avoid file conflicts\n in the libisc subpackage due to different sonums (bsc#1176092).\n- Require /sbin/start_daemon: both init scripts, the one used in\n systemd context as well as legacy sysv, make use of start_daemon.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-1699", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1699-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:1699-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VUOYW2V65CJWOTYJHZKJDB23QXG7SODU/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:1699-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VUOYW2V65CJWOTYJHZKJDB23QXG7SODU/", }, { category: "self", summary: "SUSE Bug 1100369", url: "https://bugzilla.suse.com/1100369", }, { category: "self", summary: "SUSE Bug 1109160", url: "https://bugzilla.suse.com/1109160", }, { category: "self", summary: "SUSE Bug 1118367", url: "https://bugzilla.suse.com/1118367", }, { category: "self", summary: "SUSE Bug 1118368", url: "https://bugzilla.suse.com/1118368", }, { category: "self", summary: "SUSE Bug 1128220", url: "https://bugzilla.suse.com/1128220", }, { category: "self", summary: "SUSE Bug 1156205", url: "https://bugzilla.suse.com/1156205", }, { category: "self", summary: "SUSE Bug 1157051", url: "https://bugzilla.suse.com/1157051", }, { category: "self", summary: "SUSE Bug 1161168", url: "https://bugzilla.suse.com/1161168", }, { category: "self", summary: "SUSE Bug 1170667", url: "https://bugzilla.suse.com/1170667", }, { category: "self", summary: "SUSE Bug 1170713", url: "https://bugzilla.suse.com/1170713", }, { category: "self", summary: "SUSE Bug 1171313", url: "https://bugzilla.suse.com/1171313", }, { category: "self", summary: "SUSE Bug 1171740", url: "https://bugzilla.suse.com/1171740", }, { category: "self", summary: "SUSE Bug 1172958", url: "https://bugzilla.suse.com/1172958", }, { category: "self", summary: "SUSE Bug 1173307", url: "https://bugzilla.suse.com/1173307", }, { category: "self", summary: "SUSE Bug 1173311", url: "https://bugzilla.suse.com/1173311", }, { category: "self", summary: "SUSE Bug 1173983", url: "https://bugzilla.suse.com/1173983", }, { category: "self", summary: "SUSE Bug 1175443", url: "https://bugzilla.suse.com/1175443", }, { category: "self", summary: "SUSE Bug 1176092", url: "https://bugzilla.suse.com/1176092", }, { category: "self", summary: "SUSE Bug 1176674", url: "https://bugzilla.suse.com/1176674", }, { category: "self", summary: "SUSE Bug 906079", url: "https://bugzilla.suse.com/906079", }, { category: "self", summary: "SUSE CVE CVE-2017-3136 page", url: "https://www.suse.com/security/cve/CVE-2017-3136/", }, { category: "self", summary: "SUSE CVE CVE-2018-5741 page", url: "https://www.suse.com/security/cve/CVE-2018-5741/", }, { category: "self", summary: "SUSE CVE CVE-2019-6477 page", url: "https://www.suse.com/security/cve/CVE-2019-6477/", }, { category: "self", summary: "SUSE CVE CVE-2020-8616 page", url: "https://www.suse.com/security/cve/CVE-2020-8616/", }, { category: "self", summary: "SUSE CVE CVE-2020-8617 page", url: "https://www.suse.com/security/cve/CVE-2020-8617/", }, { category: "self", summary: "SUSE CVE CVE-2020-8618 page", url: "https://www.suse.com/security/cve/CVE-2020-8618/", }, { category: "self", summary: "SUSE CVE CVE-2020-8619 page", url: "https://www.suse.com/security/cve/CVE-2020-8619/", }, { category: "self", summary: "SUSE CVE CVE-2020-8620 page", url: "https://www.suse.com/security/cve/CVE-2020-8620/", }, { category: "self", summary: "SUSE CVE CVE-2020-8621 page", url: "https://www.suse.com/security/cve/CVE-2020-8621/", }, { category: "self", summary: "SUSE CVE CVE-2020-8622 page", url: "https://www.suse.com/security/cve/CVE-2020-8622/", }, { category: "self", summary: "SUSE CVE CVE-2020-8623 page", url: "https://www.suse.com/security/cve/CVE-2020-8623/", }, { category: "self", summary: "SUSE CVE CVE-2020-8624 page", url: "https://www.suse.com/security/cve/CVE-2020-8624/", }, ], title: "Security update for bind", tracking: { current_release_date: "2020-10-19T18:22:55Z", generator: { date: "2020-10-19T18:22:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:1699-1", initial_release_date: "2020-10-19T18:22:55Z", revision_history: [ { date: "2020-10-19T18:22:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "bind-9.16.6-lp152.14.3.1.i586", product: { name: "bind-9.16.6-lp152.14.3.1.i586", product_id: "bind-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "bind-chrootenv-9.16.6-lp152.14.3.1.i586", product: { name: "bind-chrootenv-9.16.6-lp152.14.3.1.i586", product_id: "bind-chrootenv-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "bind-devel-9.16.6-lp152.14.3.1.i586", product: { name: "bind-devel-9.16.6-lp152.14.3.1.i586", product_id: "bind-devel-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "bind-utils-9.16.6-lp152.14.3.1.i586", product: { name: "bind-utils-9.16.6-lp152.14.3.1.i586", product_id: "bind-utils-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libbind9-1600-9.16.6-lp152.14.3.1.i586", product: { name: "libbind9-1600-9.16.6-lp152.14.3.1.i586", product_id: "libbind9-1600-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libdns1605-9.16.6-lp152.14.3.1.i586", product: { name: "libdns1605-9.16.6-lp152.14.3.1.i586", product_id: "libdns1605-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libirs-devel-9.16.6-lp152.14.3.1.i586", product: { name: "libirs-devel-9.16.6-lp152.14.3.1.i586", product_id: "libirs-devel-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libirs1601-9.16.6-lp152.14.3.1.i586", product: { name: "libirs1601-9.16.6-lp152.14.3.1.i586", product_id: "libirs1601-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libisc1606-9.16.6-lp152.14.3.1.i586", product: { name: "libisc1606-9.16.6-lp152.14.3.1.i586", product_id: "libisc1606-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libisccc1600-9.16.6-lp152.14.3.1.i586", product: { name: "libisccc1600-9.16.6-lp152.14.3.1.i586", product_id: "libisccc1600-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libisccfg1600-9.16.6-lp152.14.3.1.i586", product: { name: "libisccfg1600-9.16.6-lp152.14.3.1.i586", product_id: "libisccfg1600-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libns1604-9.16.6-lp152.14.3.1.i586", product: { name: "libns1604-9.16.6-lp152.14.3.1.i586", product_id: "libns1604-9.16.6-lp152.14.3.1.i586", }, }, { category: "product_version", name: "libuv-devel-1.18.0-lp152.4.3.1.i586", product: { name: "libuv-devel-1.18.0-lp152.4.3.1.i586", product_id: "libuv-devel-1.18.0-lp152.4.3.1.i586", }, }, { category: "product_version", name: "libuv1-1.18.0-lp152.4.3.1.i586", product: { name: "libuv1-1.18.0-lp152.4.3.1.i586", product_id: "libuv1-1.18.0-lp152.4.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "bind-doc-9.16.6-lp152.14.3.1.noarch", product: { name: "bind-doc-9.16.6-lp152.14.3.1.noarch", product_id: "bind-doc-9.16.6-lp152.14.3.1.noarch", }, }, { category: "product_version", name: "python3-bind-9.16.6-lp152.14.3.1.noarch", product: { name: "python3-bind-9.16.6-lp152.14.3.1.noarch", product_id: "python3-bind-9.16.6-lp152.14.3.1.noarch", }, }, { category: "product_version", name: "sysuser-shadow-2.0-lp152.5.3.1.noarch", product: { name: "sysuser-shadow-2.0-lp152.5.3.1.noarch", product_id: "sysuser-shadow-2.0-lp152.5.3.1.noarch", }, }, { category: "product_version", name: "sysuser-tools-2.0-lp152.5.3.1.noarch", product: { name: "sysuser-tools-2.0-lp152.5.3.1.noarch", product_id: "sysuser-tools-2.0-lp152.5.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "bind-9.16.6-lp152.14.3.1.x86_64", product: { name: "bind-9.16.6-lp152.14.3.1.x86_64", product_id: "bind-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", product: { name: "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", product_id: "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "bind-devel-9.16.6-lp152.14.3.1.x86_64", product: { name: "bind-devel-9.16.6-lp152.14.3.1.x86_64", product_id: "bind-devel-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "bind-utils-9.16.6-lp152.14.3.1.x86_64", product: { name: "bind-utils-9.16.6-lp152.14.3.1.x86_64", product_id: "bind-utils-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libbind9-1600-9.16.6-lp152.14.3.1.x86_64", product: { name: "libbind9-1600-9.16.6-lp152.14.3.1.x86_64", product_id: "libbind9-1600-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libdns1605-9.16.6-lp152.14.3.1.x86_64", product: { name: "libdns1605-9.16.6-lp152.14.3.1.x86_64", product_id: "libdns1605-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libirs-devel-9.16.6-lp152.14.3.1.x86_64", product: { name: "libirs-devel-9.16.6-lp152.14.3.1.x86_64", product_id: "libirs-devel-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libirs1601-9.16.6-lp152.14.3.1.x86_64", product: { name: "libirs1601-9.16.6-lp152.14.3.1.x86_64", product_id: "libirs1601-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libisc1606-9.16.6-lp152.14.3.1.x86_64", product: { name: "libisc1606-9.16.6-lp152.14.3.1.x86_64", product_id: "libisc1606-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libisccc1600-9.16.6-lp152.14.3.1.x86_64", product: { name: "libisccc1600-9.16.6-lp152.14.3.1.x86_64", product_id: "libisccc1600-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libisccfg1600-9.16.6-lp152.14.3.1.x86_64", product: { name: "libisccfg1600-9.16.6-lp152.14.3.1.x86_64", product_id: "libisccfg1600-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libns1604-9.16.6-lp152.14.3.1.x86_64", product: { name: "libns1604-9.16.6-lp152.14.3.1.x86_64", product_id: "libns1604-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", product: { name: "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", product_id: "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", }, }, { category: "product_version", name: "libuv-devel-1.18.0-lp152.4.3.1.x86_64", product: { name: "libuv-devel-1.18.0-lp152.4.3.1.x86_64", product_id: "libuv-devel-1.18.0-lp152.4.3.1.x86_64", }, }, { category: "product_version", name: "libuv1-1.18.0-lp152.4.3.1.x86_64", product: { name: "libuv1-1.18.0-lp152.4.3.1.x86_64", product_id: "libuv1-1.18.0-lp152.4.3.1.x86_64", }, }, { category: "product_version", name: "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", product: { name: "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", product_id: "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "bind-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", }, product_reference: "bind-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "bind-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-chrootenv-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", }, product_reference: "bind-chrootenv-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-devel-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", }, product_reference: "bind-devel-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-devel-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "bind-devel-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-doc-9.16.6-lp152.14.3.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", }, product_reference: "bind-doc-9.16.6-lp152.14.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", }, product_reference: "bind-utils-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "bind-utils-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "bind-utils-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libbind9-1600-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", }, product_reference: "libbind9-1600-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libbind9-1600-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libbind9-1600-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libdns1605-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", }, product_reference: "libdns1605-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libdns1605-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libdns1605-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libirs-devel-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", }, product_reference: "libirs-devel-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libirs-devel-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libirs-devel-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libirs1601-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", }, product_reference: "libirs1601-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libirs1601-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libirs1601-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisc1606-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", }, product_reference: "libisc1606-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisc1606-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libisc1606-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisccc1600-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", }, product_reference: "libisccc1600-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisccc1600-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libisccc1600-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisccfg1600-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", }, product_reference: "libisccfg1600-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisccfg1600-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libisccfg1600-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libns1604-9.16.6-lp152.14.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", }, product_reference: "libns1604-9.16.6-lp152.14.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libns1604-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libns1604-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", }, product_reference: "libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libuv-devel-1.18.0-lp152.4.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", }, product_reference: "libuv-devel-1.18.0-lp152.4.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libuv-devel-1.18.0-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", }, product_reference: "libuv-devel-1.18.0-lp152.4.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libuv1-1.18.0-lp152.4.3.1.i586 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", }, product_reference: "libuv1-1.18.0-lp152.4.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libuv1-1.18.0-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", }, product_reference: "libuv1-1.18.0-lp152.4.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", }, product_reference: "libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "python3-bind-9.16.6-lp152.14.3.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", }, product_reference: "python3-bind-9.16.6-lp152.14.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "sysuser-shadow-2.0-lp152.5.3.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", }, product_reference: "sysuser-shadow-2.0-lp152.5.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "sysuser-tools-2.0-lp152.5.3.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", }, product_reference: "sysuser-tools-2.0-lp152.5.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2017-3136", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-3136", }, ], notes: [ { category: "general", text: "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2017-3136", url: "https://www.suse.com/security/cve/CVE-2017-3136", }, { category: "external", summary: "SUSE Bug 1018700 for CVE-2017-3136", url: "https://bugzilla.suse.com/1018700", }, { category: "external", summary: "SUSE Bug 1018701 for CVE-2017-3136", url: "https://bugzilla.suse.com/1018701", }, { category: "external", summary: "SUSE Bug 1018702 for CVE-2017-3136", url: "https://bugzilla.suse.com/1018702", }, { category: "external", summary: "SUSE Bug 1024130 for CVE-2017-3136", url: "https://bugzilla.suse.com/1024130", }, { category: "external", summary: "SUSE Bug 1033461 for CVE-2017-3136", url: "https://bugzilla.suse.com/1033461", }, { category: "external", summary: "SUSE Bug 1033466 for CVE-2017-3136", url: "https://bugzilla.suse.com/1033466", }, { category: "external", summary: "SUSE Bug 1081545 for CVE-2017-3136", url: "https://bugzilla.suse.com/1081545", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "important", }, ], title: "CVE-2017-3136", }, { cve: "CVE-2018-5741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-5741", }, ], notes: [ { category: "general", text: "To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM at that time incorrectly described the behavior of two rule types, krb5-subdomain and ms-subdomain. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. This affects BIND versions prior to BIND 9.11.5 and BIND 9.12.3.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-5741", url: "https://www.suse.com/security/cve/CVE-2018-5741", }, { category: "external", summary: "SUSE Bug 1109160 for CVE-2018-5741", url: "https://bugzilla.suse.com/1109160", }, { category: "external", summary: "SUSE Bug 1171740 for CVE-2018-5741", url: "https://bugzilla.suse.com/1171740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "moderate", }, ], title: "CVE-2018-5741", }, { cve: "CVE-2019-6477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-6477", }, ], notes: [ { category: "general", text: "With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-6477", url: "https://www.suse.com/security/cve/CVE-2019-6477", }, { category: "external", summary: "SUSE Bug 1157051 for CVE-2019-6477", url: "https://bugzilla.suse.com/1157051", }, { category: "external", summary: "SUSE Bug 1197136 for CVE-2019-6477", url: "https://bugzilla.suse.com/1197136", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "important", }, ], title: "CVE-2019-6477", }, { cve: "CVE-2020-8616", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8616", }, ], notes: [ { category: "general", text: "A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8616", url: "https://www.suse.com/security/cve/CVE-2020-8616", }, { category: "external", summary: "SUSE Bug 1109160 for CVE-2020-8616", url: "https://bugzilla.suse.com/1109160", }, { category: "external", summary: "SUSE Bug 1171740 for CVE-2020-8616", url: "https://bugzilla.suse.com/1171740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "moderate", }, ], title: "CVE-2020-8616", }, { cve: "CVE-2020-8617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8617", }, ], notes: [ { category: "general", text: "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8617", url: "https://www.suse.com/security/cve/CVE-2020-8617", }, { category: "external", summary: "SUSE Bug 1109160 for CVE-2020-8617", url: "https://bugzilla.suse.com/1109160", }, { category: "external", summary: "SUSE Bug 1171740 for CVE-2020-8617", url: "https://bugzilla.suse.com/1171740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "moderate", }, ], title: "CVE-2020-8617", }, { cve: "CVE-2020-8618", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8618", }, ], notes: [ { category: "general", text: "An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8618", url: "https://www.suse.com/security/cve/CVE-2020-8618", }, { category: "external", summary: "SUSE Bug 1172958 for CVE-2020-8618", url: "https://bugzilla.suse.com/1172958", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "moderate", }, ], title: "CVE-2020-8618", }, { cve: "CVE-2020-8619", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8619", }, ], notes: [ { category: "general", text: "In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (\"*\") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8619", url: "https://www.suse.com/security/cve/CVE-2020-8619", }, { category: "external", summary: "SUSE Bug 1172958 for CVE-2020-8619", url: "https://bugzilla.suse.com/1172958", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "moderate", }, ], title: "CVE-2020-8619", }, { cve: "CVE-2020-8620", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8620", }, ], notes: [ { category: "general", text: "In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8620", url: "https://www.suse.com/security/cve/CVE-2020-8620", }, { category: "external", summary: "SUSE Bug 1175443 for CVE-2020-8620", url: "https://bugzilla.suse.com/1175443", }, { category: "external", summary: "SUSE Bug 1191120 for CVE-2020-8620", url: "https://bugzilla.suse.com/1191120", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "important", }, ], title: "CVE-2020-8620", }, { cve: "CVE-2020-8621", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8621", }, ], notes: [ { category: "general", text: "In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8621", url: "https://www.suse.com/security/cve/CVE-2020-8621", }, { category: "external", summary: "SUSE Bug 1175443 for CVE-2020-8621", url: "https://bugzilla.suse.com/1175443", }, { category: "external", summary: "SUSE Bug 1191120 for CVE-2020-8621", url: "https://bugzilla.suse.com/1191120", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "important", }, ], title: "CVE-2020-8621", }, { cve: "CVE-2020-8622", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8622", }, ], notes: [ { category: "general", text: "In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8622", url: "https://www.suse.com/security/cve/CVE-2020-8622", }, { category: "external", summary: "SUSE Bug 1175443 for CVE-2020-8622", url: "https://bugzilla.suse.com/1175443", }, { category: "external", summary: "SUSE Bug 1188888 for CVE-2020-8622", url: "https://bugzilla.suse.com/1188888", }, { category: "external", summary: "SUSE Bug 1191120 for CVE-2020-8622", url: "https://bugzilla.suse.com/1191120", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "important", }, ], title: "CVE-2020-8622", }, { cve: "CVE-2020-8623", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8623", }, ], notes: [ { category: "general", text: "In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8623", url: "https://www.suse.com/security/cve/CVE-2020-8623", }, { category: "external", summary: "SUSE Bug 1175443 for CVE-2020-8623", url: "https://bugzilla.suse.com/1175443", }, { category: "external", summary: "SUSE Bug 1191120 for CVE-2020-8623", url: "https://bugzilla.suse.com/1191120", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "important", }, ], title: "CVE-2020-8623", }, { cve: "CVE-2020-8624", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8624", }, ], notes: [ { category: "general", text: "In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8624", url: "https://www.suse.com/security/cve/CVE-2020-8624", }, { category: "external", summary: "SUSE Bug 1175443 for CVE-2020-8624", url: "https://bugzilla.suse.com/1175443", }, { category: "external", summary: "SUSE Bug 1191120 for CVE-2020-8624", url: "https://bugzilla.suse.com/1191120", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-chrootenv-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:bind-doc-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:bind-utils-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libbind9-1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libdns1605-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs-devel-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libirs1601-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisc1606-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccc1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libisccfg1600-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-32bit-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.i586", "openSUSE Leap 15.2:libns1604-9.16.6-lp152.14.3.1.x86_64", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv-devel-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.i586", "openSUSE Leap 15.2:libuv1-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:libuv1-32bit-1.18.0-lp152.4.3.1.x86_64", "openSUSE Leap 15.2:python3-bind-9.16.6-lp152.14.3.1.noarch", "openSUSE Leap 15.2:sysuser-shadow-2.0-lp152.5.3.1.noarch", "openSUSE Leap 15.2:sysuser-tools-2.0-lp152.5.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-10-19T18:22:55Z", details: "important", }, ], title: "CVE-2020-8624", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.