Security update for bind SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:2502-1 Final 1 1 2019-10-01T11:06:19Z current 2019-10-01T11:06:19Z 2019-10-01T11:06:19Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for bind This update for bind fixes the following issues: Security issues fixed: - CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069). - CVE-2019-6471: Fixed a reachable assert in dispatch.c. (bsc#1138687) - CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068). - CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185). - CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature (bsc#1104129). Non-security issues fixed: - Don't rely on /etc/insserv.conf anymore for proper dependencies against nss-lookup.target in named.service and lwresd.service (bsc#1118367, bsc#1118368). - Fix FIPS related regression (bsc#1128220). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Image SLES12-SP5-Azure-BYOS-2019-2502,Image SLES12-SP5-Azure-Basic-On-Demand-2019-2502,Image SLES12-SP5-Azure-HPC-BYOS-2019-2502,Image SLES12-SP5-Azure-HPC-On-Demand-2019-2502,Image SLES12-SP5-Azure-SAP-BYOS-2019-2502,Image SLES12-SP5-Azure-SAP-On-Demand-2019-2502,Image SLES12-SP5-Azure-Standard-On-Demand-2019-2502,Image SLES12-SP5-EC2-BYOS-2019-2502,Image SLES12-SP5-EC2-ECS-On-Demand-2019-2502,Image SLES12-SP5-EC2-On-Demand-2019-2502,Image SLES12-SP5-EC2-SAP-BYOS-2019-2502,Image SLES12-SP5-EC2-SAP-On-Demand-2019-2502,Image SLES12-SP5-GCE-BYOS-2019-2502,Image SLES12-SP5-GCE-On-Demand-2019-2502,Image SLES12-SP5-GCE-SAP-BYOS-2019-2502,Image SLES12-SP5-GCE-SAP-On-Demand-2019-2502,Image SLES12-SP5-OCI-BYOS-BYOS-2019-2502,Image SLES12-SP5-OCI-BYOS-SAP-BYOS-2019-2502,Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2019-2502,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2019-2502,SUSE-2019-2502,SUSE-SLE-DESKTOP-12-SP4-2019-2502,SUSE-SLE-SDK-12-SP4-2019-2502,SUSE-SLE-SERVER-12-SP4-2019-2502 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/ Link for SUSE-SU-2019:2502-1 https://lists.suse.com/pipermail/sle-security-updates/2019-October/005975.html E-Mail link for SUSE-SU-2019:2502-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1104129 SUSE Bug 1104129 https://bugzilla.suse.com/1118367 SUSE Bug 1118367 https://bugzilla.suse.com/1118368 SUSE Bug 1118368 https://bugzilla.suse.com/1126068 SUSE Bug 1126068 https://bugzilla.suse.com/1126069 SUSE Bug 1126069 https://bugzilla.suse.com/1128220 SUSE Bug 1128220 https://bugzilla.suse.com/1133185 SUSE Bug 1133185 https://bugzilla.suse.com/1138687 SUSE Bug 1138687 https://www.suse.com/security/cve/CVE-2018-5740/ SUSE CVE CVE-2018-5740 page https://www.suse.com/security/cve/CVE-2018-5743/ SUSE CVE CVE-2018-5743 page https://www.suse.com/security/cve/CVE-2018-5745/ SUSE CVE CVE-2018-5745 page https://www.suse.com/security/cve/CVE-2019-6465/ SUSE CVE CVE-2019-6465 page https://www.suse.com/security/cve/CVE-2019-6471/ SUSE CVE CVE-2019-6471 page Image SLES12-SP5-Azure-BYOS Image SLES12-SP5-Azure-Basic-On-Demand Image SLES12-SP5-Azure-HPC-BYOS Image SLES12-SP5-Azure-HPC-On-Demand Image SLES12-SP5-Azure-SAP-BYOS Image SLES12-SP5-Azure-SAP-On-Demand Image SLES12-SP5-Azure-Standard-On-Demand Image SLES12-SP5-EC2-BYOS Image SLES12-SP5-EC2-ECS-On-Demand Image SLES12-SP5-EC2-On-Demand Image SLES12-SP5-EC2-SAP-BYOS Image SLES12-SP5-EC2-SAP-On-Demand Image SLES12-SP5-GCE-BYOS Image SLES12-SP5-GCE-On-Demand Image SLES12-SP5-GCE-SAP-BYOS Image SLES12-SP5-GCE-SAP-On-Demand Image SLES12-SP5-OCI-BYOS-BYOS Image SLES12-SP5-OCI-BYOS-SAP-BYOS Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP4 bind-utils-9.11.2-3.10.1 python-bind-9.11.2-3.10.1 bind-9.11.2-3.10.1 bind-chrootenv-9.11.2-3.10.1 bind-devel-9.11.2-3.10.1 bind-devel-32bit-9.11.2-3.10.1 bind-devel-64bit-9.11.2-3.10.1 bind-doc-9.11.2-3.10.1 bind-lwresd-9.11.2-3.10.1 libbind9-160-9.11.2-3.10.1 libbind9-160-32bit-9.11.2-3.10.1 libbind9-160-64bit-9.11.2-3.10.1 libdns169-9.11.2-3.10.1 libdns169-32bit-9.11.2-3.10.1 libdns169-64bit-9.11.2-3.10.1 libirs-devel-9.11.2-3.10.1 libirs160-9.11.2-3.10.1 libirs160-32bit-9.11.2-3.10.1 libirs160-64bit-9.11.2-3.10.1 libisc166-9.11.2-3.10.1 libisc166-32bit-9.11.2-3.10.1 libisc166-64bit-9.11.2-3.10.1 libisccc160-9.11.2-3.10.1 libisccc160-32bit-9.11.2-3.10.1 libisccc160-64bit-9.11.2-3.10.1 libisccfg160-9.11.2-3.10.1 libisccfg160-32bit-9.11.2-3.10.1 libisccfg160-64bit-9.11.2-3.10.1 liblwres160-9.11.2-3.10.1 liblwres160-32bit-9.11.2-3.10.1 liblwres160-64bit-9.11.2-3.10.1 bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-Basic-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-Basic-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-HPC-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-HPC-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-HPC-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-HPC-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-Standard-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-Azure-Standard-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-ECS-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-ECS-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-OCI-BYOS-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-OCI-BYOS-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-OCI-BYOS-SAP-BYOS python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-OCI-BYOS-SAP-BYOS bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production bind-utils-9.11.2-3.10.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production python-bind-9.11.2-3.10.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production bind-utils-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libbind9-160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libdns169-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libirs160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libisc166-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libisc166-32bit-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libisccc160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 libisccfg160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 liblwres160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 python-bind-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Desktop 12 SP4 bind-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 bind-chrootenv-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 bind-doc-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 bind-utils-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 libbind9-160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 libdns169-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 libirs160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 libisc166-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 libisc166-32bit-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 libisccc160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 libisccfg160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 liblwres160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 python-bind-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server 12 SP4 bind-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 bind-chrootenv-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 bind-doc-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 bind-utils-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libbind9-160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libdns169-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libirs160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libisc166-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libisc166-32bit-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libisccc160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 libisccfg160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 liblwres160-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 python-bind-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 bind-devel-9.11.2-3.10.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP4 "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. CVE-2018-5740 Image SLES12-SP5-Azure-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Software Development Kit 12 SP4:bind-devel-9.11.2-3.10.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/ https://www.suse.com/security/cve/CVE-2018-5740.html CVE-2018-5740 https://bugzilla.suse.com/1104129 SUSE Bug 1104129 https://bugzilla.suse.com/1141730 SUSE Bug 1141730 https://bugzilla.suse.com/1148887 SUSE Bug 1148887 https://bugzilla.suse.com/1177790 SUSE Bug 1177790 By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743. CVE-2018-5743 Image SLES12-SP5-Azure-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Software Development Kit 12 SP4:bind-devel-9.11.2-3.10.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/ https://www.suse.com/security/cve/CVE-2018-5743.html CVE-2018-5743 https://bugzilla.suse.com/1133185 SUSE Bug 1133185 https://bugzilla.suse.com/1148887 SUSE Bug 1148887 https://bugzilla.suse.com/1157051 SUSE Bug 1157051 "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745. CVE-2018-5745 Image SLES12-SP5-Azure-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Software Development Kit 12 SP4:bind-devel-9.11.2-3.10.1 moderate 3.5 AV:N/AC:M/Au:S/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/ https://www.suse.com/security/cve/CVE-2018-5745.html CVE-2018-5745 https://bugzilla.suse.com/1126068 SUSE Bug 1126068 https://bugzilla.suse.com/1141730 SUSE Bug 1141730 https://bugzilla.suse.com/1148887 SUSE Bug 1148887 https://bugzilla.suse.com/1177790 SUSE Bug 1177790 Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465. CVE-2019-6465 Image SLES12-SP5-Azure-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Software Development Kit 12 SP4:bind-devel-9.11.2-3.10.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/ https://www.suse.com/security/cve/CVE-2019-6465.html CVE-2019-6465 https://bugzilla.suse.com/1126069 SUSE Bug 1126069 https://bugzilla.suse.com/1141730 SUSE Bug 1141730 https://bugzilla.suse.com/1148887 SUSE Bug 1148887 A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1. CVE-2019-6471 Image SLES12-SP5-Azure-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Basic-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-HPC-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-Azure-Standard-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-ECS-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-EC2-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-GCE-SAP-On-Demand:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:python-bind-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:bind-utils-9.11.2-3.10.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Desktop 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-chrootenv-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-doc-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:bind-utils-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libbind9-160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libdns169-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libirs160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-32bit-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisc166-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccc160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:libisccfg160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:liblwres160-9.11.2-3.10.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:python-bind-9.11.2-3.10.1 SUSE Linux Enterprise Software Development Kit 12 SP4:bind-devel-9.11.2-3.10.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/ https://www.suse.com/security/cve/CVE-2019-6471.html CVE-2019-6471 https://bugzilla.suse.com/1138687 SUSE Bug 1138687