File _patchinfo of Package patchinfo.25226

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.25226

<patchinfo incident="25226">
  <issue tracker="bnc" id="1201247">bind wrong ownership for /var/lib/named/master after installation</issue>
  <issue tracker="bnc" id="1203614">VUL-0: CVE-2022-2795: bind: Processing large delegations may severely degrade resolver performance</issue>
  <issue tracker="bnc" id="1203619">VUL-0: CVE-2022-38177: bind: Memory leak in ECDSA DNSSEC verification code</issue>
  <issue tracker="bnc" id="1203620">VUL-0: CVE-2022-38178: bind: Memory leaks in EdDSA DNSSEC verification code</issue>
  <issue tracker="cve" id="2022-2795"/>
  <issue tracker="cve" id="2022-38177"/>
  <issue tracker="cve" id="2022-38178"/>
  <packager>jmoellers</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bind</summary>
  <description>This update for bind fixes the following issues:

- CVE-2022-2795: Fixed potential performance degredation due to missing database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
- CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).

Bugfixes:
- Changed ownership of /var/lib/named/master from named:named to root:root (bsc#1201247)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.25226

Places