Bugzilla – Bug 1203618
VUL-0: CVE-2022-3080: bind: BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
Last modified: 2022-11-28 13:47:09 UTC
Posted by Michał Kępień on Sep 21On 21 September 2022 we (Internet Systems Consortium) disclosed six vulnerabilities affecting our BIND 9 software:
SUSE-SU-2022:3767-1: An update that solves four vulnerabilities, contains one feature and has two fixes is now available.
Category: security (important)
Bug References: 1201689,1203250,1203614,1203618,1203619,1203620
CVE References: CVE-2022-2795,CVE-2022-3080,CVE-2022-38177,CVE-2022-38178
JIRA References: SLE-24600
openSUSE Leap 15.4 (src): bind-9.16.33-150400.5.11.1
SUSE Linux Enterprise Module for Server Applications 15-SP4 (src): bind-9.16.33-150400.5.11.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): bind-9.16.33-150400.5.11.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
All maintained affected codestreams have been patched.