{"id":"SUSE-RU-2020:2915-1","summary":"Recommended update for bind","details":"This update for bind fixes the following issues:\n\nBind was updated to version 9.11.22\n\nNote:\n\n- bind is now more strict in regards to DNSSEC. If queries are not working,\n  check for DNSSEC issues. For instance, if bind is used in a namserver \n  forwarder chain, the forwarding DNS servers must support DNSSEC.\n\nThis upgrade also fixes the following security issues:\n\n* 5481.   [security]      'update-policy' rules of type 'subdomain' were\n                          incorrectly treated as 'zonesub' rules, which allowed\n                          keys used in 'subdomain' rules to update names outside\n                          of the specified subdomains. The problem was fixed by\n                          making sure 'subdomain' rules are again processed as\n                          described in the ARM. (CVE-2020-8624 bsc#1175443)\n* 5480.   [security]      When BIND 9 was compiled with native PKCS#11 support, it\n                          was possible to trigger an assertion failure in code\n                          determining the number of bits in the PKCS#11 RSA public\n                          key with a specially crafted packet. (CVE-2020-8623 bsc#1175443)\n* 5476.   [security]      It was possible to trigger an assertion failure when\n                          verifying the response to a TSIG-signed request.\n                          (CVE-2020-8622 bsc#1175443)\n\n- Suppress warning message about missing file. (bsc#1092283, bsc#1127583, bsc#1094236, bsc#1173983)\n  Added */etc/bind.keys* to *NAMED_CONF_INCLUDE_FILES* in */etc/sysconfig/named*.\n\n","modified":"2026-02-04T03:36:18.141320Z","published":"2020-10-13T15:33:50Z","related":["CVE-2020-8622","CVE-2020-8623","CVE-2020-8624"],"upstream":["CVE-2020-8622","CVE-2020-8623","CVE-2020-8624"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2020-2915/suse-ru-20202915-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1092283"},{"type":"REPORT","url":"https://bugzilla.suse.com/1094236"},{"type":"REPORT","url":"https://bugzilla.suse.com/1127583"},{"type":"REPORT","url":"https://bugzilla.suse.com/1173983"},{"type":"REPORT","url":"https://bugzilla.suse.com/1175443"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-8622"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-8623"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-8624"}],"affected":[{"package":{"name":"bind","ecosystem":"SUSE:OpenStack Cloud 9","purl":"pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.22-3.22.1"}]}],"ecosystem_specific":{"binaries":[{"libisc1107":"9.11.22-3.22.1","liblwres161":"9.11.22-3.22.1","libbind9-161":"9.11.22-3.22.1","bind":"9.11.22-3.22.1","bind-doc":"9.11.22-3.22.1","python-bind":"9.11.22-3.22.1","libirs161":"9.11.22-3.22.1","libisccfg163":"9.11.22-3.22.1","libisccc161":"9.11.22-3.22.1","bind-chrootenv":"9.11.22-3.22.1","libisc1107-32bit":"9.11.22-3.22.1","bind-utils":"9.11.22-3.22.1","libdns1110":"9.11.22-3.22.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json"}},{"package":{"name":"bind","ecosystem":"SUSE:OpenStack Cloud Crowbar 9","purl":"pkg:rpm/suse/bind&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.22-3.22.1"}]}],"ecosystem_specific":{"binaries":[{"libisc1107":"9.11.22-3.22.1","liblwres161":"9.11.22-3.22.1","libbind9-161":"9.11.22-3.22.1","bind":"9.11.22-3.22.1","bind-doc":"9.11.22-3.22.1","python-bind":"9.11.22-3.22.1","libirs161":"9.11.22-3.22.1","libisccfg163":"9.11.22-3.22.1","libisccc161":"9.11.22-3.22.1","bind-chrootenv":"9.11.22-3.22.1","libisc1107-32bit":"9.11.22-3.22.1","bind-utils":"9.11.22-3.22.1","libdns1110":"9.11.22-3.22.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json"}},{"package":{"name":"bind","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","purl":"pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.22-3.22.1"}]}],"ecosystem_specific":{"binaries":[{"libisc1107":"9.11.22-3.22.1","liblwres161":"9.11.22-3.22.1","libbind9-161":"9.11.22-3.22.1","bind":"9.11.22-3.22.1","bind-doc":"9.11.22-3.22.1","python-bind":"9.11.22-3.22.1","libirs161":"9.11.22-3.22.1","libisccfg163":"9.11.22-3.22.1","libisccc161":"9.11.22-3.22.1","bind-chrootenv":"9.11.22-3.22.1","libisc1107-32bit":"9.11.22-3.22.1","bind-utils":"9.11.22-3.22.1","libdns1110":"9.11.22-3.22.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json"}},{"package":{"name":"bind","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","purl":"pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.22-3.22.1"}]}],"ecosystem_specific":{"binaries":[{"bind-devel":"9.11.22-3.22.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json"}},{"package":{"name":"bind","ecosystem":"SUSE:Linux Enterprise Server 12 SP4-LTSS","purl":"pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.22-3.22.1"}]}],"ecosystem_specific":{"binaries":[{"libisc1107":"9.11.22-3.22.1","liblwres161":"9.11.22-3.22.1","libbind9-161":"9.11.22-3.22.1","bind":"9.11.22-3.22.1","bind-doc":"9.11.22-3.22.1","python-bind":"9.11.22-3.22.1","libirs161":"9.11.22-3.22.1","libisccfg163":"9.11.22-3.22.1","libisccc161":"9.11.22-3.22.1","bind-chrootenv":"9.11.22-3.22.1","libisc1107-32bit":"9.11.22-3.22.1","bind-utils":"9.11.22-3.22.1","libdns1110":"9.11.22-3.22.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json"}},{"package":{"name":"bind","ecosystem":"SUSE:Linux Enterprise Server 12 SP5","purl":"pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.22-3.22.1"}]}],"ecosystem_specific":{"binaries":[{"libisc1107":"9.11.22-3.22.1","liblwres161":"9.11.22-3.22.1","libbind9-161":"9.11.22-3.22.1","bind":"9.11.22-3.22.1","bind-doc":"9.11.22-3.22.1","python-bind":"9.11.22-3.22.1","libirs161":"9.11.22-3.22.1","libisccfg163":"9.11.22-3.22.1","libisccc161":"9.11.22-3.22.1","bind-chrootenv":"9.11.22-3.22.1","libisc1107-32bit":"9.11.22-3.22.1","bind-utils":"9.11.22-3.22.1","libdns1110":"9.11.22-3.22.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json"}},{"package":{"name":"bind","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","purl":"pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.11.22-3.22.1"}]}],"ecosystem_specific":{"binaries":[{"libisc1107":"9.11.22-3.22.1","liblwres161":"9.11.22-3.22.1","libbind9-161":"9.11.22-3.22.1","bind":"9.11.22-3.22.1","bind-doc":"9.11.22-3.22.1","python-bind":"9.11.22-3.22.1","libirs161":"9.11.22-3.22.1","libisccfg163":"9.11.22-3.22.1","libisccc161":"9.11.22-3.22.1","bind-chrootenv":"9.11.22-3.22.1","libisc1107-32bit":"9.11.22-3.22.1","bind-utils":"9.11.22-3.22.1","libdns1110":"9.11.22-3.22.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2020:2915-1.json"}}],"schema_version":"1.7.3"}