Category Archives: Advisories

Advisories

flatpak-runtime-f39-22 flatpak-sdk-f39-13

Read Time:15 Second

FEDORA-FLATPAK-2024-cd3bcdb139

Packages in this update:

flatpak-runtime-f39-22
flatpak-sdk-f39-13

Update description:

Updated flatpak runtime and SDK, including latest Fedora 39 security and bug-fix errata.

In addition, this update also includes updated nss 3.98.0 that’s needed for upcoming firefox 123.0 update.

Read More

Advisories

USN-6642-1: Bind vulnerabilities

Read Time:1 Minute, 11 Second

Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered
that Bind incorrectly handled parsing large DNS messages. A remote attacker
could possibly use this issue to cause Bind to consume resources, leading
to a denial of service. (CVE-2023-4408)

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered
that Bind icorrectly handled validating DNSSEC messages. A remote attacker
could possibly use this issue to cause Bind to consume resources, leading
to a denial of service. (CVE-2023-50387)

It was discovered that Bind incorrectly handled preparing an NSEC3 closest
encloser proof. A remote attacker could possibly use this issue to cause
Bind to consume resources, leading to a denial of service. (CVE-2023-50868)

It was discovered that Bind incorrectly handled reverse zone queries when
nxdomain-redirect is enabled. A remote attacker could possibly use this
issue to cause Bind to crash, leading to a denial of service.
(CVE-2023-5517)

It was discovered that Bind incorrectly handled certain specific recursive
query patterns. A remote attacker could possibly use this issue to cause
Bind to consume memory, leading to a denial of service. (CVE-2023-6516)

Bind has been updated to 9.6.48. In addition to security fixes, the updated
packages contain bug fixes, new features, and possibly incompatible
changes.

Please see the following for more information:
https://downloads.isc.org/isc/bind9/9.16.48/doc/arm/html/notes.html

Read More