Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 554
Alerts This Week
Warning Icon 1 554

openSUSE 15.1: 2020:1085-1 Moderate: Knot TSIG Authentication Fix

opensuse
Calendar Grey July 26, 2020
Dist Opensuse Esm H88
Patch released for openSUSE addressing knot DNS authentication flaw. Upgrade recommended to maintain secure connectivity.
An update that fixes one vulnerability is now available.

Description

This update for knot fixes the following issues:

- CVE-2017-11104: Fixed an improper implementation of TSIG protocol which

could have allowed an attacker with a valid key name and algorithm to

bypass TSIG authentication (boo#1047841).

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2020-1085=1

Package List

- openSUSE Leap 15.1 (x86_64):

knot-1.6.8-lp151.4.3.1

knot-debuginfo-1.6.8-lp151.4.3.1

knot-debugsource-1.6.8-lp151.4.3.1

References

https://www.suse.com/security/cve/CVE-2017-11104.html

https://bugzilla.suse.com/1047841

--

Announcement ID: openSUSE-SU-2020:1085-1
Rating: moderate
Affected Products: openSUSE Leap 15.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.