Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 589 articles for you...
203

Mageia BIND 10 9 Critical Corrupted Data Issue 2026-0258

Security update. Publication date: 18 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0258.html Type: security Affected Mageia releases: 10, 9 Description: The updated bind packages fix a security vulnerability: When BIND 9 was configured to use DNS64 and encounters a DNAME redirect, it could end up using freed memory for the DNS response owner name. This caused the response to contain corrupted data. References: - https://bugs.mageia.org/show_bug.cgi?id=35725 - http://www.slackware.com/security/viewer.php?l=slackware-security&y=2026&m=slackware-security.373168 - https://downloads.isc.org/isc/bind9/9.20.24/doc/arm/html/changelog.html - https://downloads.isc.org/isc/bind9/9.18.50/doc/arm/html/changelog.html SRPMS: - 10/core/bind-9.20.24-1.mga10 - 9/core/bind-9.18.50-1.mga9 . BIND security update addresses corrupted data risk in responses due to DNAME redirect with freed memory.. BIND security update, Mageia security advisory, DNS64 issue, memory corruption fix. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 18, 2026 Critical Mageia
217

Oracle Linux 10 Bind Important Denial of Service Fix ELSA-2026-24338

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-24338 http://linux.oracle.com/errata/ELSA-2026-24338.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: bind-9.18.33-15.0.1.el10_2.2.x86_64.rpm bind-chroot-9.18.33-15.0.1.el10_2.2.x86_64.rpm bind-devel-9.18.33-15.0.1.el10_2.2.x86_64.rpm bind-dnssec-utils-9.18.33-15.0.1.el10_2.2.x86_64.rpm bind-doc-9.18.33-15.0.1.el10_2.2.noarch.rpm bind-libs-9.18.33-15.0.1.el10_2.2.x86_64.rpm bind-license-9.18.33-15.0.1.el10_2.2.noarch.rpm bind-utils-9.18.33-15.0.1.el10_2.2.x86_64.rpm aarch64: bind-9.18.33-15.0.1.el10_2.2.aarch64.rpm bind-chroot-9.18.33-15.0.1.el10_2.2.aarch64.rpm bind-devel-9.18.33-15.0.1.el10_2.2.aarch64.rpm bind-dnssec-utils-9.18.33-15.0.1.el10_2.2.aarch64.rpm bind-doc-9.18.33-15.0.1.el10_2.2.noarch.rpm bind-libs-9.18.33-15.0.1.el10_2.2.aarch64.rpm bind-license-9.18.33-15.0.1.el10_2.2.noarch.rpm bind-utils-9.18.33-15.0.1.el10_2.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/bind-9.18.33-15.0.1.el10_2.2.src.rpm Related CVEs: CVE-2026-3039 CVE-2026-5946 Description of changes: [9.18.33-15.0.1.el10_2.2] - Hard require needed openssl-libs [Orabug: 38742109] - Fix warning when changing device file permissions [Orabug: 36518580] [32:9.18.33-15.2] - Fix GSS-API resource leak (CVE-2026-3039) - Invalid handling of CLASS != IN (CVE-2026-5946) [32:9.18.33-15.1] - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone (CVE-2026-1519) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . New advisory for Oracle Linux 10 provides updates for bind packages addressing critical issues. See complete details.. Oracle Linux 10, bind package, DNS security, security update, important fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
202

openSUSE bind Important DoS Amplification Issues 2026-2779-1

An update that solves three vulnerabilities can now be installed.. # Security update for bind Announcement ID: SUSE-SU-2026:2779-1 Release Date: 2026-07-06T14:07:45Z Rating: important References: * bsc#1265591 * bsc#1265592 * bsc#1265594 Cross-References: * CVE-2026-3039 * CVE-2026-3592 * CVE-2026-5946 CVSS scores: * CVE-2026-3039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3592 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3592 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.3 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues: * CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (bsc#1265591). * CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records (bsc#1265592). * CVE-2026-5946: Invalid handling of CLASS != IN (bsc#1265594). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patchSUSE-SLE-Module-Basesystem-15-SP7-2026-2779=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2779=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2779=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2779=1 ## Package List: * openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64) * libirs1601-debuginfo-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * bind-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 * bind-devel-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * bind-utils-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libbind9-1600-9.16.6-150300.22.59.1 * libbind9-1600-debuginfo-9.16.6-150300.22.59.1 * libns1604-9.16.6-150300.22.59.1 * libirs1601-9.16.6-150300.22.59.1 * libisccc1600-debuginfo-9.16.6-150300.22.59.1 * libisccc1600-9.16.6-150300.22.59.1 * bind-utils-debuginfo-9.16.6-150300.22.59.1 * bind-chrootenv-9.16.6-150300.22.59.1 * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libns1604-debuginfo-9.16.6-150300.22.59.1 * openSUSE Leap 15.3 (noarch) * python3-bind-9.16.6-150300.22.59.1 * bind-doc-9.16.6-150300.22.59.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * libirs1601-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 *libirs1601-9.16.6-150300.22.59.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * libirs1601-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 * libirs1601-9.16.6-150300.22.59.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * libirs1601-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 * libirs1601-9.16.6-150300.22.59.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3039.html * https://www.suse.com/security/cve/CVE-2026-3592.html * https://www.suse.com/security/cve/CVE-2026-5946.html * https://bugzilla.suse.com/show_bug.cgi?id=1265591 * https://bugzilla.suse.com/show_bug.cgi?id=1265592 * https://bugzilla.suse.com/show_bug.cgi?id=1265594 . An important update for openSUSE addresses several critical issues in BIND. Recommended installations available.. openSUSE security,binding software update,network security patch,bind vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Important OpenSUSE
100

SUSE 2026-2779-1 BIND Important Memory Exhaustion Amplification Issues

An update that solves three vulnerabilities can now be installed.. # Security update for bind Announcement ID: SUSE-SU-2026:2779-1 Release Date: 2026-07-06T14:07:45Z Rating: important References: * bsc#1265591 * bsc#1265592 * bsc#1265594 Cross-References: * CVE-2026-3039 * CVE-2026-3592 * CVE-2026-5946 CVSS scores: * CVE-2026-3039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3592 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3592 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.3 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues: * CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (bsc#1265591). * CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records (bsc#1265592). * CVE-2026-5946: Invalid handling of CLASS != IN (bsc#1265594). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patchSUSE-SLE-Module-Basesystem-15-SP7-2026-2779=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2779=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2779=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2779=1 ## Package List: * openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64) * libirs1601-debuginfo-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * bind-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 * bind-devel-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * bind-utils-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libbind9-1600-9.16.6-150300.22.59.1 * libbind9-1600-debuginfo-9.16.6-150300.22.59.1 * libns1604-9.16.6-150300.22.59.1 * libirs1601-9.16.6-150300.22.59.1 * libisccc1600-debuginfo-9.16.6-150300.22.59.1 * libisccc1600-9.16.6-150300.22.59.1 * bind-utils-debuginfo-9.16.6-150300.22.59.1 * bind-chrootenv-9.16.6-150300.22.59.1 * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libns1604-debuginfo-9.16.6-150300.22.59.1 * openSUSE Leap 15.3 (noarch) * python3-bind-9.16.6-150300.22.59.1 * bind-doc-9.16.6-150300.22.59.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * libirs1601-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 *libirs1601-9.16.6-150300.22.59.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * libirs1601-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 * libirs1601-9.16.6-150300.22.59.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libisccfg1600-9.16.6-150300.22.59.1 * libisc1606-debuginfo-9.16.6-150300.22.59.1 * libisccfg1600-debuginfo-9.16.6-150300.22.59.1 * libirs1601-debuginfo-9.16.6-150300.22.59.1 * bind-debuginfo-9.16.6-150300.22.59.1 * libirs-devel-9.16.6-150300.22.59.1 * libdns1605-9.16.6-150300.22.59.1 * libisc1606-9.16.6-150300.22.59.1 * libdns1605-debuginfo-9.16.6-150300.22.59.1 * bind-debugsource-9.16.6-150300.22.59.1 * libirs1601-9.16.6-150300.22.59.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3039.html * https://www.suse.com/security/cve/CVE-2026-3592.html * https://www.suse.com/security/cve/CVE-2026-5946.html * https://bugzilla.suse.com/show_bug.cgi?id=1265591 * https://bugzilla.suse.com/show_bug.cgi?id=1265592 * https://bugzilla.suse.com/show_bug.cgi?id=1265594 . SUSE releases an important security advisory for BIND covering critical memory exhaustion and amplification issues.. BIND security update,SUSE security advisory,BIND vulnerabilities,important security update,suse linux security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Important SuSE
202

openSUSE BIND Important Denial of Service Fix 2026-21123-1

An update that solves 6 vulnerabilities and has 6 bug fixes can now be installed.. openSUSE security update: security update for bind ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21123-1 Rating: important References: * bsc#1265591 * bsc#1265592 * bsc#1265593 * bsc#1265594 * bsc#1265595 * bsc#1265596 Cross-References: * CVE-2026-3039 * CVE-2026-3592 * CVE-2026-3593 * CVE-2026-5946 * CVE-2026-5947 * CVE-2026-5950 CVSS scores: * CVE-2026-3039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3592 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3593 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-5946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5947 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5950 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 6 vulnerabilities and has 6 bug fixes can now be installed. Description: This update for bind fixes the following issues Upgrade to release 9.20.23: - CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (bsc#1265591). - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records (bsc#1265592). - CVE-2026-3593: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation (bsc#1265593). - CVE-2026-5946: Invalid handling of CLASS != IN (bsc#1265594). - CVE-2026-5947: SIG(0) validation during query flood may lead to undefined behavior (bsc#1265595). - CVE-2026-5950: Unbounded resend loop in BIND 9 resolver (bsc#1265596). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-988=1 Package List: - openSUSE Leap 16.0: bind-9.20.23-160000.1.1 bind-doc-9.20.23-160000.1.1 bind-modules-bdbhpt-9.20.23-160000.1.1 bind-modules-generic-9.20.23-160000.1.1 bind-modules-ldap-9.20.23-160000.1.1 bind-modules-mysql-9.20.23-160000.1.1 bind-modules-perl-9.20.23-160000.1.1 bind-modules-sqlite3-9.20.23-160000.1.1 bind-utils-9.20.23-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2026-3039.html * https://www.suse.com/security/cve/CVE-2026-3592.html * https://www.suse.com/security/cve/CVE-2026-3593.html * https://www.suse.com/security/cve/CVE-2026-5946.html * https://www.suse.com/security/cve/CVE-2026-5947.html * https://www.suse.com/security/cve/CVE-2026-5950.html . Update for openSUSE addresses 6 issues in BIND to enhance security and performance. Critical fixes included.. openSUSE security,binding DNS update,BIND vulnerabilities,security patch update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important OpenSUSE
100

SUSE BIND Important Memory Exhaustion Denial of Service Vuln 2026-2673-1

An update that solves five vulnerabilities and has one security fix can now be installed.. # Security update for bind Announcement ID: SUSE-SU-2026:2673-1 Release Date: 2026-06-29T09:32:13Z Rating: important References: * bsc#1263494 * bsc#1265591 * bsc#1265592 * bsc#1265594 * bsc#1265595 * bsc#1265596 Cross-References: * CVE-2026-3039 * CVE-2026-3592 * CVE-2026-5946 * CVE-2026-5947 * CVE-2026-5950 CVSS scores: * CVE-2026-3039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3592 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3592 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5947 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5947 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5947 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5950 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5950 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for bind fixes the following issues: Security issues: * CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (bsc#1265591). * CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records (bsc#1265592). * CVE-2026-5946: Invalid handling of CLASS != IN (bsc#1265594). *CVE-2026-5947: SIG(0) validation during query flood may lead to undefined behavior (bsc#1265595). * CVE-2026-5950: Unbounded resend loop in BIND 9 resolver (bsc#1265596). Non security issue: * bind test failed with version 9.20.21 (bsc#1263494). * Upgrade to release 9.20.23 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2673=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2673=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * bind-utils-debuginfo-9.20.23-150700.3.25.1 * bind-utils-9.20.23-150700.3.25.1 * bind-debugsource-9.20.23-150700.3.25.1 * bind-debuginfo-9.20.23-150700.3.25.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * bind-debugsource-9.20.23-150700.3.25.1 * bind-9.20.23-150700.3.25.1 * bind-debuginfo-9.20.23-150700.3.25.1 * Server Applications Module 15-SP7 (noarch) * bind-doc-9.20.23-150700.3.25.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3039.html * https://www.suse.com/security/cve/CVE-2026-3592.html * https://www.suse.com/security/cve/CVE-2026-5946.html * https://www.suse.com/security/cve/CVE-2026-5947.html * https://www.suse.com/security/cve/CVE-2026-5950.html * https://bugzilla.suse.com/show_bug.cgi?id=1263494 * https://bugzilla.suse.com/show_bug.cgi?id=1265591 * https://bugzilla.suse.com/show_bug.cgi?id=1265592 * https://bugzilla.suse.com/show_bug.cgi?id=1265594 * https://bugzilla.suse.com/show_bug.cgi?id=1265595 * https://bugzilla.suse.com/show_bug.cgi?id=1265596 . Critical security update for BIND on SUSE addresses multiple vulnerabilities, enhancing system protection and stability.. SUSE Bind Security Update, Memory ExhaustionVulnerability, Important Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 Important SuSE
202

openSUSE bind Important Threats Memory Exhaustion Amplification 2026-2676-1

An update that solves five vulnerabilities can now be installed.. # Security update for bind Announcement ID: SUSE-SU-2026:2676-1 Release Date: 2026-06-29T09:53:56Z Rating: important References: * bsc#1265591 * bsc#1265592 * bsc#1265593 * bsc#1265594 * bsc#1265596 Cross-References: * CVE-2026-3039 * CVE-2026-3592 * CVE-2026-3593 * CVE-2026-5946 * CVE-2026-5950 CVSS scores: * CVE-2026-3039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3592 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3592 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3593 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-3593 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-3593 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-5946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5950 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5950 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues * CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (bsc#1265591). * CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records (bsc#1265592). * CVE-2026-5946: Invalid handling of CLASS != IN (bsc#1265594). * CVE-2026-5950: Unbounded resend loop in BIND 9 resolver (bsc#1265596). * CVE-2026-3593: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation(bsc#1265593). Changes for bind: * Update to release 9.18.49 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2676=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2676=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2676=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * bind-9.18.49-150600.3.26.1 * bind-utils-9.18.49-150600.3.26.1 * bind-debuginfo-9.18.49-150600.3.26.1 * bind-utils-debuginfo-9.18.49-150600.3.26.1 * bind-debugsource-9.18.49-150600.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * bind-doc-9.18.49-150600.3.26.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * bind-9.18.49-150600.3.26.1 * bind-utils-9.18.49-150600.3.26.1 * bind-debuginfo-9.18.49-150600.3.26.1 * bind-utils-debuginfo-9.18.49-150600.3.26.1 * bind-debugsource-9.18.49-150600.3.26.1 * openSUSE Leap 15.6 (noarch) * bind-doc-9.18.49-150600.3.26.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * bind-9.18.49-150600.3.26.1 * bind-utils-9.18.49-150600.3.26.1 * bind-debuginfo-9.18.49-150600.3.26.1 * bind-utils-debuginfo-9.18.49-150600.3.26.1 * bind-debugsource-9.18.49-150600.3.26.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * bind-doc-9.18.49-150600.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3039.html * https://www.suse.com/security/cve/CVE-2026-3592.html * https://www.suse.com/security/cve/CVE-2026-3593.html * https://www.suse.com/security/cve/CVE-2026-5946.html * https://www.suse.com/security/cve/CVE-2026-5950.html *https://bugzilla.suse.com/show_bug.cgi?id=1265591 * https://bugzilla.suse.com/show_bug.cgi?id=1265592 * https://bugzilla.suse.com/show_bug.cgi?id=1265593 * https://bugzilla.suse.com/show_bug.cgi?id=1265594 * https://bugzilla.suse.com/show_bug.cgi?id=1265596 . # Security update for bind Announcement ID: SUSE-SU-2026:2676-1 Release Date: 2026-06-29T09:53:56Z R. update, solves, vulnerabilities, installed, security, announce. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 Important OpenSUSE
100

SUSE 2026-2676-1 Bind Important Memory Exhaustion and Amplification Issues

An update that solves five vulnerabilities can now be installed.. # Security update for bind Announcement ID: SUSE-SU-2026:2676-1 Release Date: 2026-06-29T09:53:56Z Rating: important References: * bsc#1265591 * bsc#1265592 * bsc#1265593 * bsc#1265594 * bsc#1265596 Cross-References: * CVE-2026-3039 * CVE-2026-3592 * CVE-2026-3593 * CVE-2026-5946 * CVE-2026-5950 CVSS scores: * CVE-2026-3039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3039 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3592 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3592 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-3593 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-3593 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-3593 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-5946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5950 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5950 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues * CVE-2026-3039: BIND 9 server memory exhaustion during GSS-API TKEY negotiation (bsc#1265591). * CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records (bsc#1265592). * CVE-2026-5946: Invalid handling of CLASS != IN (bsc#1265594). * CVE-2026-5950: Unbounded resend loop in BIND 9 resolver (bsc#1265596). * CVE-2026-3593: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation(bsc#1265593). Changes for bind: * Update to release 9.18.49 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2676=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2676=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2676=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * bind-9.18.49-150600.3.26.1 * bind-utils-9.18.49-150600.3.26.1 * bind-debuginfo-9.18.49-150600.3.26.1 * bind-utils-debuginfo-9.18.49-150600.3.26.1 * bind-debugsource-9.18.49-150600.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * bind-doc-9.18.49-150600.3.26.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * bind-9.18.49-150600.3.26.1 * bind-utils-9.18.49-150600.3.26.1 * bind-debuginfo-9.18.49-150600.3.26.1 * bind-utils-debuginfo-9.18.49-150600.3.26.1 * bind-debugsource-9.18.49-150600.3.26.1 * openSUSE Leap 15.6 (noarch) * bind-doc-9.18.49-150600.3.26.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * bind-9.18.49-150600.3.26.1 * bind-utils-9.18.49-150600.3.26.1 * bind-debuginfo-9.18.49-150600.3.26.1 * bind-utils-debuginfo-9.18.49-150600.3.26.1 * bind-debugsource-9.18.49-150600.3.26.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * bind-doc-9.18.49-150600.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3039.html * https://www.suse.com/security/cve/CVE-2026-3592.html * https://www.suse.com/security/cve/CVE-2026-3593.html * https://www.suse.com/security/cve/CVE-2026-5946.html * https://www.suse.com/security/cve/CVE-2026-5950.html *https://bugzilla.suse.com/show_bug.cgi?id=1265591 * https://bugzilla.suse.com/show_bug.cgi?id=1265592 * https://bugzilla.suse.com/show_bug.cgi?id=1265593 * https://bugzilla.suse.com/show_bug.cgi?id=1265594 * https://bugzilla.suse.com/show_bug.cgi?id=1265596 . Update for SUSE addressing important security issues in bind with multiple vulnerabilities needing attention.. SUSE Update, Bind Security, Memory Exhaustion, Amplification Issues. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200