{
|
||
"Definition": [
|
||
{
|
||
"ID": "oval:org.altlinux.errata:def:202413685",
|
||
"Version": "oval:org.altlinux.errata:def:202413685",
|
||
"Class": "patch",
|
||
"Metadata": {
|
||
"Title": "ALT-PU-2024-13685: package `bind` update to version 9.18.30-alt0.c10f2.1",
|
||
"AffectedList": [
|
||
{
|
||
"Family": "unix",
|
||
"Platforms": [
|
||
"ALT Linux branch c10f1"
|
||
],
|
||
"Products": [
|
||
"ALT SP Workstation",
|
||
"ALT SP Server"
|
||
]
|
||
}
|
||
],
|
||
"References": [
|
||
{
|
||
"RefID": "ALT-PU-2024-13685",
|
||
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-13685",
|
||
"Source": "ALTPU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2024-05771",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2024-05771",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2024-05964",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2024-05964",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2024-06134",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2024-06134",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "BDU:2024-06188",
|
||
"RefURL": "https://bdu.fstec.ru/vul/2024-06188",
|
||
"Source": "BDU"
|
||
},
|
||
{
|
||
"RefID": "CVE-2024-0760",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-0760",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2024-1737",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1737",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2024-1975",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1975",
|
||
"Source": "CVE"
|
||
},
|
||
{
|
||
"RefID": "CVE-2024-4076",
|
||
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-4076",
|
||
"Source": "CVE"
|
||
}
|
||
],
|
||
"Description": "This update upgrades bind to version 9.18.30-alt0.c10f2.1. \nSecurity Fix(es):\n\n * BDU:2024-05771: Уязвимость DNS-сервера BIND, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-05964: Уязвимость DNS-сервера BIND, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-06134: Уязвимость DNS-сервера BIND, связанная с использованием функции assert() или похожего оператора, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-06188: Уязвимость DNS-сервера BIND, связанная с распределением ресурсов без ограничений и регулирования, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-0760: A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.\n\n * CVE-2024-1737: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.\n\n * CVE-2024-1975: If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.\nThis issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.\n\n * CVE-2024-4076: Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.\nThis issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.\n\n * #49573: dig: DoH support not enabled\n\n * #51450: Невозможно получить статистику bind (rndc stats) со стандартным конфигурационным файлом",
|
||
"Advisory": {
|
||
"From": "errata.altlinux.org",
|
||
"Severity": "High",
|
||
"Rights": "Copyright 2024 BaseALT Ltd.",
|
||
"Issued": {
|
||
"Date": "2024-10-28"
|
||
},
|
||
"Updated": {
|
||
"Date": "2024-10-28"
|
||
},
|
||
"BDUs": [
|
||
{
|
||
"ID": "BDU:2024-05771",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-400",
|
||
"Href": "https://bdu.fstec.ru/vul/2024-05771",
|
||
"Impact": "High",
|
||
"Public": "20240710"
|
||
},
|
||
{
|
||
"ID": "BDU:2024-05964",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-770",
|
||
"Href": "https://bdu.fstec.ru/vul/2024-05964",
|
||
"Impact": "High",
|
||
"Public": "20240710"
|
||
},
|
||
{
|
||
"ID": "BDU:2024-06134",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-617",
|
||
"Href": "https://bdu.fstec.ru/vul/2024-06134",
|
||
"Impact": "High",
|
||
"Public": "20240423"
|
||
},
|
||
{
|
||
"ID": "BDU:2024-06188",
|
||
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
||
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"CWE": "CWE-770",
|
||
"Href": "https://bdu.fstec.ru/vul/2024-06188",
|
||
"Impact": "High",
|
||
"Public": "20240723"
|
||
}
|
||
],
|
||
"CVEs": [
|
||
{
|
||
"ID": "CVE-2024-0760",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-0760",
|
||
"Impact": "High",
|
||
"Public": "20240723"
|
||
},
|
||
{
|
||
"ID": "CVE-2024-1737",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1737",
|
||
"Impact": "High",
|
||
"Public": "20240723"
|
||
},
|
||
{
|
||
"ID": "CVE-2024-1975",
|
||
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1975",
|
||
"Impact": "High",
|
||
"Public": "20240723"
|
||
},
|
||
{
|
||
"ID": "CVE-2024-4076",
|
||
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-4076",
|
||
"Impact": "None",
|
||
"Public": "20240723"
|
||
}
|
||
],
|
||
"Bugzilla": [
|
||
{
|
||
"ID": "49573",
|
||
"Href": "https://bugzilla.altlinux.org/49573",
|
||
"Data": "dig: DoH support not enabled"
|
||
},
|
||
{
|
||
"ID": "51450",
|
||
"Href": "https://bugzilla.altlinux.org/51450",
|
||
"Data": "Невозможно получить статистику bind (rndc stats) со стандартным конфигурационным файлом"
|
||
}
|
||
],
|
||
"AffectedCPEs": {
|
||
"CPEs": [
|
||
"cpe:/o:alt:spworkstation:10",
|
||
"cpe:/o:alt:spserver:10"
|
||
]
|
||
}
|
||
}
|
||
},
|
||
"Criteria": {
|
||
"Operator": "AND",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:4001",
|
||
"Comment": "ALT Linux must be installed"
|
||
}
|
||
],
|
||
"Criterias": [
|
||
{
|
||
"Operator": "OR",
|
||
"Criterions": [
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:202413685001",
|
||
"Comment": "bind is earlier than 0:9.18.30-alt0.c10f2.1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:202413685002",
|
||
"Comment": "bind-devel is earlier than 0:9.18.30-alt0.c10f2.1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:202413685003",
|
||
"Comment": "bind-utils is earlier than 0:9.18.30-alt0.c10f2.1"
|
||
},
|
||
{
|
||
"TestRef": "oval:org.altlinux.errata:tst:202413685004",
|
||
"Comment": "libbind is earlier than 0:9.18.30-alt0.c10f2.1"
|
||
}
|
||
]
|
||
}
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |