Bug 1153993 - (CVE-2019-6475) VUL-0: CVE-2019-6475: bind: flaw in DNSSEC verification when transferring mirror zones
(CVE-2019-6475)
VUL-0: CVE-2019-6475: bind: flaw in DNSSEC verification when transferring mir...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Josef Möllers
Security Team bot
https://smash.suse.de/issue/244906/
CVSSv3:SUSE:CVE-2019-6475:5.9:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-10-15 06:31 UTC by Alexander Bergmann
Modified: 2019-11-20 16:12 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 2 Marcus Meissner 2019-10-17 05:49:15 UTC
is public

Today (2019-10-16) ISC announced two vulnerabilities in our BIND 9 software.

   CVE-2019-6475, a DNSSEC validation bypass for mirror zones

   CVE-2019-6476, a flaw in QNAME minimization that can lead to
                  an assertion failure.

These issues affect all prior BIND 9.14 releases and all prior BIND 9.15
releases.

Our full CVE text can be found at:
   https://kb.isc.org/docs/cve-2019-6475
   https://kb.isc.org/docs/cve-2019-6476

New releases of BIND, including security fixes for this vulnerability,
are available at: www.isc.org/downloads/

Release notes for the new versions can be obtained using the following
links:

https://downloads.isc.org/isc/bind9/9.15.5/RELEASE-NOTES-bind-9.15.5.html
https://downloads.isc.org/isc/bind9/9.14.7/RELEASE-NOTES-bind-9.14.7.html

-- 
Brian Conry
ISC Support
Acting Security Officer
Comment 3 Alexander Bergmann 2019-11-20 16:12:42 UTC
Issue does not affect SUSE or openSUSE.