SUSE-SU-2023:2793-1

UNKNOWN

Security update for bind

Published Jul 7, 2023

Modified 2 years ago

Fix available

Details

This update for bind fixes the following issues:

CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm (bsc#1212544).

Affected Packages(14 packages)

bind

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

bind-chrootenv

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

bind-doc

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

bind-utils

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

libbind9-161

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

libdns1110

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

libirs161

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

libisc1107

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

libisc1107-32bit

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

libisccc161

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

9.11.22-3.46.4

References

https://bugzilla.suse.com/1212544

https://www.suse.com/security/cve/CVE-2023-2828

https://www.suse.com/support/update/announcement/2023/suse-su-20232793-1/

Upstream

Related

Ecosystems(8)

SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5

Timeline

PublishedJul 7, 2023

ModifiedJul 7, 2023

SUSE-SU-2023:2793-1 | Mondoo Vulnerability Intelligence