{"affected":[{"ecosystem_specific":{"binaries":[{"bind-utils":"9.16.48-150500.8.16.1","python3-bind":"9.16.48-150500.8.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP5","name":"bind","purl":"pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.16.48-150500.8.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"bind":"9.16.48-150500.8.16.1","bind-doc":"9.16.48-150500.8.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP5","name":"bind","purl":"pkg:rpm/suse/bind&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.16.48-150500.8.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"bind":"9.16.48-150500.8.16.1","bind-doc":"9.16.48-150500.8.16.1","bind-utils":"9.16.48-150500.8.16.1","python3-bind":"9.16.48-150500.8.16.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"bind","purl":"pkg:rpm/opensuse/bind&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"9.16.48-150500.8.16.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for bind fixes the following issues:\n\nUpdate to release 9.16.48:\n\n- CVE-2023-50387: Fixed a denial-of-service caused by DNS messages containing a lot of DNSSEC signatures (bsc#1219823).\n- CVE-2023-50868: Fixed a denial-of-service caused by NSEC3 closest encloser proof (bsc#1219826).\n- CVE-2023-4408: Fixed a denial-of-service caused by DNS messages with many different names (bsc#1219851).\n- CVE-2023-5517: Fixed a possible crash when nxdomain-redirect was enabled (bsc#1219852).\n- CVE-2023-5679: Fixed a possible crash when bad interaction between DNS64 and serve-stale, when both of these features are enabled (bsc#1219853).\n- CVE-2023-6516: Fixed excessive memory consumption when continuously trigger the cache database maintenance (bsc#1219854).\n","id":"SUSE-SU-2024:0574-1","modified":"2024-02-21T09:39:56Z","published":"2024-02-21T09:39:56Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20240574-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219823"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219826"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219851"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219852"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219854"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-4408"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-50387"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-50868"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5517"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5679"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-6516"}],"related":["CVE-2023-4408","CVE-2023-50387","CVE-2023-50868","CVE-2023-5517","CVE-2023-5679","CVE-2023-6516"],"summary":"Security update for bind","upstream":["CVE-2023-4408","CVE-2023-50387","CVE-2023-50868","CVE-2023-5517","CVE-2023-5679","CVE-2023-6516"]}