{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:202412367",
"Version": "oval:org.altlinux.errata:def:202412367",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2024-12367: package `bind` update to version 9.11.37-alt1.p9.2",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2024-12367",
"RefURL": "https://errata.altlinux.org/ALT-PU-2024-12367",
"Source": "ALTPU"
},
{
"RefID": "BDU:2024-05964",
"RefURL": "https://bdu.fstec.ru/vul/2024-05964",
"Source": "BDU"
},
{
"RefID": "BDU:2024-06188",
"RefURL": "https://bdu.fstec.ru/vul/2024-06188",
"Source": "BDU"
},
{
"RefID": "CVE-2024-1737",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1737",
"Source": "CVE"
},
{
"RefID": "CVE-2024-1975",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-1975",
"Source": "CVE"
}
],
"Description": "This update upgrades bind to version 9.11.37-alt1.p9.2. \nSecurity Fix(es):\n\n * BDU:2024-05964: Уязвимость DNS-сервера BIND, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2024-06188: Уязвимость DNS-сервера BIND, связанная с распределением ресурсов без ограничений и регулирования, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2024-1737: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.\n\n * CVE-2024-1975: If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests.\nThis issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2024-09-24"
},
"Updated": {
"Date": "2024-09-24"
},
"BDUs": [
{
"ID": "BDU:2024-05964",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://bdu.fstec.ru/vul/2024-05964",
"Impact": "High",
"Public": "20240710"
},
{
"ID": "BDU:2024-06188",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://bdu.fstec.ru/vul/2024-06188",
"Impact": "High",
"Public": "20240723"
}
],
"CVEs": [
{
"ID": "CVE-2024-1737",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1737",
"Impact": "None",
"Public": "20240723"
},
{
"ID": "CVE-2024-1975",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-1975",
"Impact": "None",
"Public": "20240723"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:202412367001",
"Comment": "bind is earlier than 0:9.11.37-alt1.p9.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412367002",
"Comment": "bind-devel is earlier than 0:9.11.37-alt1.p9.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412367003",
"Comment": "bind-doc is earlier than 0:9.11.37-alt1.p9.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412367004",
"Comment": "bind-utils is earlier than 0:9.11.37-alt1.p9.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412367005",
"Comment": "libbind is earlier than 0:9.11.37-alt1.p9.2"
},
{
"TestRef": "oval:org.altlinux.errata:tst:202412367006",
"Comment": "lwresd is earlier than 0:9.11.37-alt1.p9.2"
}
]
}
]
}
}
]
} |