Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 54 articles for you...
89

Fedora 41: 2025-3551f3ba1b moderate: BIND DNS Fixes for Flooding

Update to 9.16.33 (#2342784) Security Fixes: DNS-over-HTTPS flooding fixes. (CVE-2024-12705) Limit additional section processing for large RDATA sets. (CVE-2024-11187) New Features:. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-3551f3ba1b 2025-02-12 01:35:52.622127+00:00 -------------------------------------------------------------------------------- Name : bind Product : Fedora 41 Version : 9.18.33 Release : 1.fc41 URL : https://www.isc.org/bind/ Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. -------------------------------------------------------------------------------- Update Information: Update to 9.16.33 (#2342784) Security Fixes: DNS-over-HTTPS flooding fixes. (CVE-2024-12705) Limit additional section processing for large RDATA sets. (CVE-2024-11187) New Features: Add a new option to configure the maximum number of outgoing queries per client request. Bug Fixes: Fix nsupdate hang when processing a large update. Fix possible assertion failure when reloading server while processing update policy rules. [GL #5006] Fix dnssec-signzone signing non-DNSKEY RRsets with revoked keys. Fix improper handling of unknown directives in resolv.conf. Upstream Release Notes -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 2 2025 Petr Menšík - 32:9.18.33-1 - Update to 9.16.33 (rhbz#2342784) * Fri Jan 17 2025 Petr Menšík - 32:9.18.32-4 - Add sysusers named user creation (rhbz#2105415) * Thu Dec 12 2024 Petr Menšík - 32:9.18.32-1 - Update to 9.18.32 (#2331675) - RemoveCHANGES file from package - Disable DLZ plugins, they are not shipped with bind anymore - Add new root key 38696 into package files too * Thu Dec 12 2024 Petr Menšík - 32:9.18.31-3 - Disable temporarily PDF generation on all platforms * Wed Dec 4 2024 Petr Menšík - 32:9.18.31-2 - Add nsupdate TLS support (FREEIPA-11706) - Include a test for nsupdate changes * Thu Nov 14 2024 Petr Menšík - 32:9.18.31-1 - Update to 9.18.31 (#2319214) * Thu Nov 14 2024 Petr Menšík - 32:9.18.30-3 - Bump obsoleted license version (rhbz#2308102) * Tue Oct 8 2024 Petr Menšík - 32:9.18.30-2 - Make OpenSSL engine support optional -------------------------------------------------------------------------------- References: [ 1 ] Bug #2319214 - bind-9.18.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=2319214 [ 2 ] Bug #2331675 - bind-9.18.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=2331675 [ 3 ] Bug #2342784 - bind-9.18.33 is available https://bugzilla.redhat.com/show_bug.cgi?id=2342784 [ 4 ] Bug #2342883 - CVE-2024-12705 bind: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2342883 [ 5 ] Bug #2342891 - CVE-2024-11187 bind: Many records in the additional section cause CPU exhaustion [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2342891 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-3551f3ba1b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- . The latest update for BIND 9.16.33 in Fedora 41 resolves DNS flooding vulnerabilities and improves overall security, as stated in advisory FEDORA-2025-3551f3ba1b.. dns flooding fix,binding updates,fedora advisories,service security updates,bind fixes. . LinuxSecurity.com Team

Calendar%202 Feb 12, 2025 Fedora
203

Mageia 9: 2024-0038 Critical: Bind Assertion Failures and CPU Load

The updated packages fix security vulnerabilities: Parsing large DNS messages may cause excessive CPU load. (CVE-2023-4408) Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled. (CVE-2023-5517) Enabling both DNS64 and serve-stale may cause an assertion failure . MGASA-2024-0038 - Updated bind packages fix security vulnerabilities Publication date: 15 Feb 2024 URL: https://advisories.mageia.org/MGASA-2024-0038.html Type: security Affected Mageia releases: 9 CVE: CVE-2023-4408, CVE-2023-5517, CVE-2023-5679, CVE-2023-50387, CVE-2023-50868 The updated packages fix security vulnerabilities: Parsing large DNS messages may cause excessive CPU load. (CVE-2023-4408) Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled. (CVE-2023-5517) Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution. (CVE-2023-5679) KeyTrap - Extreme CPU consumption in DNSSEC validator. (CVE-2023-50387) Preparing an NSEC3 closest encloser proof can exhaust CPU resources. (CVE-2023-50868) References: - https://bugs.mageia.org/show_bug.cgi?id=32846 - https://kb.isc.org/docs/cve-2023-4408 - https://kb.isc.org/docs/cve-2023-5517 - https://kb.isc.org/docs/cve-2023-5679 - https://kb.isc.org/docs/cve-2023-50387 - https://kb.isc.org/docs/cve-2023-50868 - https://downloads.isc.org/isc/bind9/9.18.24/doc/arm/html/notes.html#notes-for-bind-9-18-24 - https://www.cve.org/CVERecord?id=CVE-2023-4408 - https://www.cve.org/CVERecord?id=CVE-2023-5517 - https://www.cve.org/CVERecord?id=CVE-2023-5679 - https://www.cve.org/CVERecord?id=CVE-2023-50387 - https://www.cve.org/CVERecord?id=CVE-2023-50868 SRPMS: - 9/core/bind-9.18.15-2.3.mga9 . Recent updates to the bind packages in Mageia have addressed vulnerabilities related to security concerns, as well as resolved issues tied to CPU usage and assertion errors within DNS setups.. Bind Security Update, Mageia 9, DNS Issues, Security Fixes. . Severity: Critical.LinuxSecurity.com Team

Calendar%202 Feb 15, 2024 Critical Mageia
197

Debian 10 Buster: Critical Bind9 DoS Vulnerability DLA-3726-1 Alert

An issue has been discovered in BIND, a DNS server implementation. A stack exhaustion flaw was discovered in the control channel code . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3726-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Thorsten Alteholz January 30, 2024 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : bind9 Version : 1:9.11.5.P4+dfsg-5.1+deb10u10 CVE ID : CVE-2023-3341 An issue has been discovered in BIND, a DNS server implementation. A stack exhaustion flaw was discovered in the control channel code which may result in denial of service (named daemon crash). For Debian 10 buster, this problem has been fixed in version 1:9.11.5.P4+dfsg-5.1+deb10u10. We recommend that you upgrade your bind9 packages. For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/bind9 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . BIND security patch resolves heap overflow vulnerability leading to service interruption. Update advised for Ubuntu administrators.. Bind9 Security, Debian LTS, Denial of Service Fix, DNS Server Update, Stack Exhaustion. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jan 30, 2024 Critical Debian LTS
91

Gentoo: GLSA-202401-05 critical: c-ares multiple issues

Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202401-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: c-ares: Multiple Vulnerabilities Date: January 05, 2024 Bugs: #807604, #807775, #892489, #905341 ID: 202401-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity. Background ========== c-ares is a C library for asynchronous DNS requests (including name resolves). Affected packages ================= Package Vulnerable Unaffected -------------- ------------ ------------ net-dns/c-ares < 1.19.0 > = 1.19.0 Description =========== Multiple vulnerabilities have been discovered in c-ares. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All c-ares users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-dns/c-ares-1.19.0" References ========== [ 1 ] CVE-2021-3672 https://nvd.nist.gov/vuln/detail/CVE-2021-3672 [ 2 ] CVE-2021-22930 https://nvd.nist.gov/vuln/detail/CVE-2021-22930 [ 3 ] CVE-2021-22931 https://nvd.nist.gov/vuln/detail/CVE-2021-22931 [ 4 ] CVE-2021-22939 https://nvd.nist.gov/vuln/detail/CVE-2021-22939 [ 5 ] CVE-2021-22940 https://nvd.nist.gov/vuln/detail/CVE-2021-22940 [ 6 ] CVE-2022-4904 https://nvd.nist.gov/vuln/detail/CVE-2022-4904 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202401-02 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Gentoo notifies users regarding security flaws in c-ares that pose risks to sensitive information and the overall stability of the system.. c-ares Security Issues,Gentoo Advisory,DNS Vulnerabilities,c-ares Update. . LinuxSecurity.com Team

Calendar%202 Jan 05, 2024 Gentoo
98

Red Hat Enterprise Linux 7: RHSA-2023:4152-01 Important: Bind Security Fix

An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2023:4152-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:4152 Issue date: 2023-07-18 CVE Names: CVE-2023-2828 ==================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: named'sconfigured cache size limit can be significantly exceeded (CVE-2023-2828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2216227 - CVE-2023-2828 bind: named's configured cache size limit can be significantly exceeded 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: bind-9.11.4-26.P2.el7_9.14.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.14.noarch.rpm x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm Red Hat Enterprise Linux Client Optional (v.7): x86_64: bind-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: bind-9.11.4-26.P2.el7_9.14.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.14.noarch.rpm x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v.7): x86_64: bind-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: bind-9.11.4-26.P2.el7_9.14.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.14.noarch.rpm ppc64: bind-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-chroot-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.ppc.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.ppc.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-libs-9.11.4-26.P2.el7_9.14.ppc.rpm bind-libs-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.ppc.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.ppc.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-utils-9.11.4-26.P2.el7_9.14.ppc64.rpm ppc64le: bind-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-chroot-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-libs-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-pkcs11-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-utils-9.11.4-26.P2.el7_9.14.ppc64le.rpm s390x: bind-9.11.4-26.P2.el7_9.14.s390x.rpm bind-chroot-9.11.4-26.P2.el7_9.14.s390x.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.s390.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.s390x.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.s390.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.s390x.rpm bind-libs-9.11.4-26.P2.el7_9.14.s390.rpm bind-libs-9.11.4-26.P2.el7_9.14.s390x.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.s390.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.s390x.rpm bind-pkcs11-9.11.4-26.P2.el7_9.14.s390x.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.s390.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.s390x.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.s390x.rpm bind-utils-9.11.4-26.P2.el7_9.14.s390x.rpm x86_64: bind-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): ppc64: bind-debuginfo-9.11.4-26.P2.el7_9.14.ppc.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-devel-9.11.4-26.P2.el7_9.14.ppc.rpm bind-devel-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.ppc.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.ppc.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.ppc.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-sdb-9.11.4-26.P2.el7_9.14.ppc64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.14.ppc64.rpm ppc64le: bind-debuginfo-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-devel-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-sdb-9.11.4-26.P2.el7_9.14.ppc64le.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.14.ppc64le.rpm s390x: bind-debuginfo-9.11.4-26.P2.el7_9.14.s390.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.s390x.rpm bind-devel-9.11.4-26.P2.el7_9.14.s390.rpm bind-devel-9.11.4-26.P2.el7_9.14.s390x.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.s390.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.s390x.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.s390.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.s390x.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.s390.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.s390x.rpm bind-sdb-9.11.4-26.P2.el7_9.14.s390x.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.14.s390x.rpm x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: bind-9.11.4-26.P2.el7_9.14.src.rpm noarch: bind-license-9.11.4-26.P2.el7_9.14.noarch.rpm x86_64: bind-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-2828 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJktmwwAAoJENzjgjWX9erECFkP/jpr6CGwrkKLSxCbe0xj2xKM x4FbFmc0gvzGIBCbVez971Z6+sOqn5SoeLEpOFKGQAZcz3LeDdNRRTC9aahZ/M++ ki5wzcyXrxaCQ00uwPIO60RiKs1XeS6TwGx+FKM29WH4NED1bfEJTm+7OofPoNzu wuVgoHK0qbnuSFNJqmijDnE2/55vLo1EAzLac/jE0Dk1CUwDFXk8gh69xxK/AMKk 8i1bp2mpdLiDnfAcW/ZQbmfPfJ4zrCkVCbhfLIc+J2zEd7DGoNdnU5m8UDKa5ejF 7FIRiHWMO5kFFkIdkDNEcykrihAUFLbapMl+GLtWAIIMc98LN3+DSssSjIcUVDxq pjIRK6+m1SW8oYLonAiuU/EkVuV17aOm+6SvWwmO7GRsDtpE6fOErBCwqgkxp5+6 Clg37d5g0lGGjWWrxEdIc/+ynYzo/KEZv8H5XtemrOnn/r+fyqzbu8w73s1lvfrt fMi5mpWJABLv/Iv6l+7TJ77m9b3E9JJFG524+b/xuJDMazOHb3sQj7AHKwo2BNU/ jvdXWYP0v3FcYayoGI7zS4nrmORKGZ0cdMi+sD00aOkS8o5Y4gLwxS8+XU6YmaEM arIrgSRp43QxkXWYkAfUWXkB6Ar9rXQg7ScEgXNHR0U4mzvG/QwXtMER2OnAp801 X3CKula1WG3vwo9ldiQV =btLY -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Significant news concerning bind within Red Hat Enterprise Linux 7 has been classified with a notable security concern; further information and corrective measures are detailed.. Red Hat Updates, Bind Security, Enterprise Linux Security, Bind Update Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 18, 2023 Important Red Hat
87

Debian DSA-5441-1: Critical Security Update for Maradns Denial of Service

Brief introduction Two vulnerbilities were found in maradns, an open source domain name system (DNS) implementation, that may lead to denial of service and . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5441-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Aron Xu June 29, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : maradns CVE ID : CVE-2022-30256 CVE-2023-31137 Debian Bug : 1033252 1035936 Brief introduction Two vulnerbilities were found in maradns, an open source domain name system (DNS) implementation, that may lead to denial of service and unintended domain name resolution. For the oldstable distribution (bullseye), these problems have been fixed in version 2.0.13-1.4+deb11u1. We recommend that you upgrade your maradns packages. For the detailed security status of maradns please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/maradns Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu Security Notice USN-5800-1 concerns vulnerabilities in maradns that could lead to denial of service and domain resolution problems.. Debian Security, Maradns Update, Security Patch, Denial Of Service, Open Source DNS. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 29, 2023 Critical Debian
89

Fedora 37 Security Update 2023-cdce244fb8: Critical MaraDNS Issue

Security fix for CVE-2023-31137, CVE-2022-30256. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-cdce244fb8 2023-05-25 00:59:24.928504 --------------------------------------------------------------------------------Name : maradns Product : Fedora 37 Version : 3.5.0036 Release : 1.fc37 URL : https://maradns.samiam.org/ Summary : Authoritative and recursive DNS server made with security in mind Description : MaraDNS is a package that implements the Domain Name Service (DNS), an essential internet service. MaraDNS has the following advantages: * Secure. * Supported. * Easy to use. * Small. * Open Source. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2023-31137, CVE-2022-30256 --------------------------------------------------------------------------------ChangeLog: * Tue May 16 2023 Tomasz Torcz - 3.5.0036-1 - new version 3.5.0036 (rhbz#2149110, rhbz#2180267) - fixes CVE-2023-31137 (rhbz#2207551) --------------------------------------------------------------------------------References: [ 1 ] Bug #2207550 - CVE-2023-31137 maradns: integer underflow in DNS packet decompression https://bugzilla.redhat.com/show_bug.cgi?id=2207550 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-cdce244fb8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Important release for Fedora 37 tackling vulnerabilities in MaraDNS, boosting stability and protection of the DNS server.. Fedora 37 Update, MaraDNS Security, DNS Server Evasion, Open Source Security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 25, 2023 Critical Fedora
98

RedHat 8: RHSA-2022-6207 Major Vulnerability Found in Glibc Memory Handling

An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: systemd security update Advisory ID: RHSA-2022:6206-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:6206 Issue date: 2022-08-29 CVE Names: CVE-2022-2526 ==================================================================== 1. Summary: An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es): * systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c (CVE-2022-2526) For more details about the security issue(s), including the impact, aCVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2109926 - CVE-2022-2526 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c 6. Package List: Red Hat Enterprise Linux BaseOS (v.8): Source: systemd-239-58.el8_6.4.src.rpm aarch64: systemd-239-58.el8_6.4.aarch64.rpm systemd-container-239-58.el8_6.4.aarch64.rpm systemd-container-debuginfo-239-58.el8_6.4.aarch64.rpm systemd-debuginfo-239-58.el8_6.4.aarch64.rpm systemd-debugsource-239-58.el8_6.4.aarch64.rpm systemd-devel-239-58.el8_6.4.aarch64.rpm systemd-journal-remote-239-58.el8_6.4.aarch64.rpm systemd-journal-remote-debuginfo-239-58.el8_6.4.aarch64.rpm systemd-libs-239-58.el8_6.4.aarch64.rpm systemd-libs-debuginfo-239-58.el8_6.4.aarch64.rpm systemd-pam-239-58.el8_6.4.aarch64.rpm systemd-pam-debuginfo-239-58.el8_6.4.aarch64.rpm systemd-tests-239-58.el8_6.4.aarch64.rpm systemd-tests-debuginfo-239-58.el8_6.4.aarch64.rpm systemd-udev-239-58.el8_6.4.aarch64.rpm systemd-udev-debuginfo-239-58.el8_6.4.aarch64.rpm ppc64le: systemd-239-58.el8_6.4.ppc64le.rpm systemd-container-239-58.el8_6.4.ppc64le.rpm systemd-container-debuginfo-239-58.el8_6.4.ppc64le.rpm systemd-debuginfo-239-58.el8_6.4.ppc64le.rpm systemd-debugsource-239-58.el8_6.4.ppc64le.rpm systemd-devel-239-58.el8_6.4.ppc64le.rpm systemd-journal-remote-239-58.el8_6.4.ppc64le.rpm systemd-journal-remote-debuginfo-239-58.el8_6.4.ppc64le.rpm systemd-libs-239-58.el8_6.4.ppc64le.rpm systemd-libs-debuginfo-239-58.el8_6.4.ppc64le.rpm systemd-pam-239-58.el8_6.4.ppc64le.rpm systemd-pam-debuginfo-239-58.el8_6.4.ppc64le.rpm systemd-tests-239-58.el8_6.4.ppc64le.rpm systemd-tests-debuginfo-239-58.el8_6.4.ppc64le.rpm systemd-udev-239-58.el8_6.4.ppc64le.rpm systemd-udev-debuginfo-239-58.el8_6.4.ppc64le.rpm s390x: systemd-239-58.el8_6.4.s390x.rpm systemd-container-239-58.el8_6.4.s390x.rpm systemd-container-debuginfo-239-58.el8_6.4.s390x.rpm systemd-debuginfo-239-58.el8_6.4.s390x.rpm systemd-debugsource-239-58.el8_6.4.s390x.rpm systemd-devel-239-58.el8_6.4.s390x.rpm systemd-journal-remote-239-58.el8_6.4.s390x.rpm systemd-journal-remote-debuginfo-239-58.el8_6.4.s390x.rpm systemd-libs-239-58.el8_6.4.s390x.rpm systemd-libs-debuginfo-239-58.el8_6.4.s390x.rpm systemd-pam-239-58.el8_6.4.s390x.rpm systemd-pam-debuginfo-239-58.el8_6.4.s390x.rpm systemd-tests-239-58.el8_6.4.s390x.rpm systemd-tests-debuginfo-239-58.el8_6.4.s390x.rpm systemd-udev-239-58.el8_6.4.s390x.rpm systemd-udev-debuginfo-239-58.el8_6.4.s390x.rpm x86_64: systemd-239-58.el8_6.4.i686.rpm systemd-239-58.el8_6.4.x86_64.rpm systemd-container-239-58.el8_6.4.i686.rpm systemd-container-239-58.el8_6.4.x86_64.rpm systemd-container-debuginfo-239-58.el8_6.4.i686.rpm systemd-container-debuginfo-239-58.el8_6.4.x86_64.rpm systemd-debuginfo-239-58.el8_6.4.i686.rpm systemd-debuginfo-239-58.el8_6.4.x86_64.rpm systemd-debugsource-239-58.el8_6.4.i686.rpm systemd-debugsource-239-58.el8_6.4.x86_64.rpm systemd-devel-239-58.el8_6.4.i686.rpm systemd-devel-239-58.el8_6.4.x86_64.rpm systemd-journal-remote-239-58.el8_6.4.x86_64.rpm systemd-journal-remote-debuginfo-239-58.el8_6.4.i686.rpm systemd-journal-remote-debuginfo-239-58.el8_6.4.x86_64.rpm systemd-libs-239-58.el8_6.4.i686.rpm systemd-libs-239-58.el8_6.4.x86_64.rpm systemd-libs-debuginfo-239-58.el8_6.4.i686.rpm systemd-libs-debuginfo-239-58.el8_6.4.x86_64.rpm systemd-pam-239-58.el8_6.4.x86_64.rpm systemd-pam-debuginfo-239-58.el8_6.4.i686.rpm systemd-pam-debuginfo-239-58.el8_6.4.x86_64.rpm systemd-tests-239-58.el8_6.4.x86_64.rpm systemd-tests-debuginfo-239-58.el8_6.4.i686.rpm systemd-tests-debuginfo-239-58.el8_6.4.x86_64.rpm systemd-udev-239-58.el8_6.4.x86_64.rpm systemd-udev-debuginfo-239-58.el8_6.4.i686.rpm systemd-udev-debuginfo-239-58.el8_6.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-2526 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYw2otNzjgjWX9erEAQiR9A/+Lcc82rk+SP5y1uBqdkgGV6AFPEREgraF I8Q8ntGLFQTHZpzIfg9J9FMxfxGhXs/8rrhzD76IvEc1cFbooqNipNBPH0rLYxpA DZUcKsenqbF8Uql0s/N0UkWXA/lum4vxb82gcw20GGSB+l9FuFEBYs/d0KKEN4ZD PPWs2BYJhsqkOXgaDCx4bCfGW4giXdSHOOO0R/bJ0wr1rOqXOmW8rdpovVby5VYA oYvMnW8KO8zfVunpDV1mCt60jMm9jZgS9DYv5SjY1K/3PB7BjOkPRM8syhVpFGOD ca1yeICR9qEcCpTlZ1tRnCH3EtEjUYVCaq+RzvWrbfpIZaDS+qOINIFf5zWnzhY/ /NK71n9ZWXYsZ6ZFWtDuneGookFGKqqm1dBn+d/qIsgBu1x59xNaG0odupAjq+wQ s8FHtD6DxZY/ZzyUFqy8LjR3xlf4wPrYpUvZpopGbxULRGX0Gr2FsGDHrUDRGydq tsLJZvdPwebt7R+BKQ60A7Fx1lqRb/HqjSrsOekD6ALxVdiY8ENDldVv6V90cyxj 7F3CUfGgaA1BtUOpAg8f4jBdR8tG0ofPatmQ25shzdNYbXsVxyHV7RJ2bjL1r3BX LX9jvJkUJZOxYBnWG1BaNbmplCMJbHNq6PZgTA2tr0oQ2fepOKxGp7D327z0XV5/ U49f88Zz8rE=E+LL -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat has issued a significant security patch for systemd, correcting a severe use-after-free flaw in DNS.. RedHat Systemd Update, Linux Security Advisory, Important Systemd Fix, Red Hat Enterprise Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Aug 30, 2022 Important Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200