Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

SUSE: 2021:2876-1 Moderate: Bind Denial Of Service Risk

suse
Calendar Grey August 30, 2021
Scroller Suse
Ubuntu Security Update for OpenSSL (USN-2021-0050-1) deals with a serious vulnerability (CVE-2021-3449) through various update procedures.
An update that solves one vulnerability and has one errata is now available

Summary

This update for bind fixes the following issues: - CVE-2020-8622: A truncated TSIG response can lead to an assertion failure (bsc#1175443). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-2876=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2021-2876=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-2876=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-2876=1 - SUSE Linux Enterprise Server 12-SP3-BCL:

References

#1175443 #1188888

Cross- CVE-2020-8622

CVSS scores:

CVE-2020-8622 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2020-8622 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 8

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server 12-SP3-LTSS

SUSE Linux Enterprise Server 12-SP3-BCL

SUSE Linux Enterprise Server 12-SP2-BCL

HPE Helion Openstack 8

https://www.suse.com/security/cve/CVE-2020-8622.html

https://bugzilla.suse.com/1175443

https://bugzilla.suse.com/1188888

Announcement ID: SUSE-SU-2021:2876-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.