Upstream information

CVE-2010-3614 at MITRE

Description

named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.4
Vector AV:N/AC:L/Au:N/C:N/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 657102 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • bind-libs >= 9.9.5P1-1.10
  • bind-libs-32bit >= 9.9.5P1-1.10
  • bind-utils >= 9.9.5P1-1.10
Patchnames:
SUSE Linux Enterprise Desktop 12 GA bind-libs-32bit
SUSE Linux Enterprise Desktop 12 SP1
  • bind-libs >= 9.9.6P1-30.2
  • bind-libs-32bit >= 9.9.6P1-30.2
  • bind-utils >= 9.9.6P1-30.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA bind-libs-32bit
SUSE Linux Enterprise Desktop 12 SP2
  • bind-libs >= 9.9.9P1-46.1
  • bind-libs-32bit >= 9.9.9P1-46.1
  • bind-utils >= 9.9.9P1-46.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA bind-libs-32bit
SUSE Linux Enterprise Desktop 12 SP3
  • bind-libs >= 9.9.9P1-62.1
  • bind-libs-32bit >= 9.9.9P1-62.1
  • bind-utils >= 9.9.9P1-62.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP3 GA bind-libs-32bit
SUSE Linux Enterprise Module for Basesystem 15
  • bind-devel >= 9.11.2-10.4
  • bind-utils >= 9.11.2-10.4
  • libbind9-160 >= 9.11.2-10.4
  • libdns169 >= 9.11.2-10.4
  • libirs-devel >= 9.11.2-10.4
  • libirs160 >= 9.11.2-10.4
  • libisc166 >= 9.11.2-10.4
  • libisccc160 >= 9.11.2-10.4
  • libisccfg160 >= 9.11.2-10.4
  • liblwres160 >= 9.11.2-10.4
  • python3-bind >= 9.11.2-10.4
Patchnames:
SUSE Linux Enterprise Module for Basesystem 15 GA bind-devel
SUSE Linux Enterprise Module for Server Applications 15
  • bind >= 9.11.2-10.4
  • bind-chrootenv >= 9.11.2-10.4
  • bind-doc >= 9.11.2-10.4
Patchnames:
SUSE Linux Enterprise Module for Server Applications 15 GA bind
SUSE Linux Enterprise Server 12
  • bind >= 9.9.5P1-1.7
  • bind-chrootenv >= 9.9.5P1-1.7
  • bind-doc >= 9.9.5P1-1.7
  • bind-libs >= 9.9.5P1-1.7
  • bind-libs-32bit >= 9.9.5P1-1.10
  • bind-utils >= 9.9.5P1-1.7
Patchnames:
SUSE Linux Enterprise Server 12 GA bind
SUSE Linux Enterprise Server 12 SP1
  • bind >= 9.9.6P1-30.2
  • bind-chrootenv >= 9.9.6P1-30.2
  • bind-doc >= 9.9.6P1-30.2
  • bind-libs >= 9.9.6P1-30.2
  • bind-libs-32bit >= 9.9.6P1-30.2
  • bind-utils >= 9.9.6P1-30.2
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA bind
SUSE Linux Enterprise Server 12 SP2
  • bind >= 9.9.9P1-46.1
  • bind-chrootenv >= 9.9.9P1-46.1
  • bind-doc >= 9.9.9P1-46.1
  • bind-libs >= 9.9.9P1-46.1
  • bind-libs-32bit >= 9.9.9P1-46.1
  • bind-utils >= 9.9.9P1-46.1
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA bind
SUSE Linux Enterprise Server 12 SP3
  • bind >= 9.9.9P1-62.1
  • bind-chrootenv >= 9.9.9P1-62.1
  • bind-doc >= 9.9.9P1-62.1
  • bind-libs >= 9.9.9P1-62.1
  • bind-libs-32bit >= 9.9.9P1-62.1
  • bind-utils >= 9.9.9P1-62.1
Patchnames:
SUSE Linux Enterprise Server 12 SP3 GA bind
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • bind >= 9.9.9P1-46.1
  • bind-chrootenv >= 9.9.9P1-46.1
  • bind-doc >= 9.9.9P1-46.1
  • bind-libs >= 9.9.9P1-46.1
  • bind-utils >= 9.9.9P1-46.1
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA bind
SUSE Linux Enterprise Software Development Kit 12
  • bind-devel >= 9.9.5P1-1.10
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA bind-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
  • bind-devel >= 9.9.6P1-30.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA bind-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • bind-devel >= 9.9.9P1-46.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA bind-devel
SUSE Linux Enterprise Software Development Kit 12 SP3
  • bind-devel >= 9.9.9P1-62.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP3 GA bind-devel
openSUSE 11.2
  • bind-debuginfo >= 9.6.1P3-1.3.1
  • bind-debugsource >= 9.6.1P3-1.3.1
  • bind-libs-debuginfo >= 9.6.1P3-1.3.1
  • bind-libs-debuginfo-32bit >= 9.6.1P3-1.3.1
  • bind-utils-debuginfo >= 9.6.1P3-1.3.1
openSUSE 11.2
  • bind >= 9.6.1P3-1.3.1
  • bind-chrootenv >= 9.6.1P3-1.3.1
  • bind-devel >= 9.6.1P3-1.3.1
  • bind-doc >= 9.6.1P3-1.3.1
  • bind-libs >= 9.6.1P3-1.3.1
  • bind-libs-32bit >= 9.6.1P3-1.3.1
  • bind-utils >= 9.6.1P3-1.3.1
openSUSE 11.3
  • bind-debuginfo >= 9.7.1P2-0.4.1
  • bind-debugsource >= 9.7.1P2-0.4.1
  • bind-libs-debuginfo >= 9.7.1P2-0.4.1
  • bind-libs-debuginfo-32bit >= 9.7.1P2-0.4.1
  • bind-utils-debuginfo >= 9.7.1P2-0.4.1
openSUSE 11.3
  • bind >= 9.7.1P2-0.4.1
  • bind-chrootenv >= 9.7.1P2-0.4.1
  • bind-devel >= 9.7.1P2-0.4.1
  • bind-doc >= 9.7.1P2-0.4.1
  • bind-libs >= 9.7.1P2-0.4.1
  • bind-libs-32bit >= 9.7.1P2-0.4.1
  • bind-utils >= 9.7.1P2-0.4.1
openSUSE Leap 15.0
  • bind >= 9.11.2-lp150.7.2
  • bind-chrootenv >= 9.11.2-lp150.7.2
  • bind-utils >= 9.11.2-lp150.7.2
  • libbind9-160 >= 9.11.2-lp150.7.2
  • libdns169 >= 9.11.2-lp150.7.2
  • libirs160 >= 9.11.2-lp150.7.2
  • libisc166 >= 9.11.2-lp150.7.2
  • libisccc160 >= 9.11.2-lp150.7.2
  • libisccfg160 >= 9.11.2-lp150.7.2
  • liblwres160 >= 9.11.2-lp150.7.2
  • python3-bind >= 9.11.2-lp150.7.2
Patchnames:
openSUSE Leap 15.0 GA bind
openSUSE Leap 42.1
  • bind >= 9.9.6P1-25.2
  • bind-chrootenv >= 9.9.6P1-25.2
  • bind-doc >= 9.9.6P1-25.2
  • bind-libs >= 9.9.6P1-25.2
  • bind-utils >= 9.9.6P1-25.2
Patchnames:
openSUSE Leap 42.1 GA bind
openSUSE Leap 42.2
  • bind >= 9.9.9P1-41.1
  • bind-chrootenv >= 9.9.9P1-41.1
  • bind-doc >= 9.9.9P1-41.1
  • bind-libs >= 9.9.9P1-41.1
  • bind-utils >= 9.9.9P1-41.1
Patchnames:
openSUSE Leap 42.2 GA bind
openSUSE Leap 42.3
  • bind >= 9.9.9P1-51.1
  • bind-chrootenv >= 9.9.9P1-51.1
  • bind-doc >= 9.9.9P1-51.1
  • bind-libs >= 9.9.9P1-51.1
  • bind-utils >= 9.9.9P1-51.1
Patchnames:
openSUSE Leap 42.3 GA bind
openSUSE Tumbleweed
  • bind >= 9.10.3P4-21.1
  • bind-chrootenv >= 9.10.3P4-21.1
  • bind-devel >= 9.10.3P4-21.1
  • bind-devel-32bit >= 9.10.3P4-21.1
  • bind-doc >= 9.10.3P4-21.1
  • bind-lwresd >= 9.10.3P4-21.1
  • bind-utils >= 9.10.3P4-21.1
  • idnkit >= 1.0-21.1
  • idnkit-devel >= 1.0-21.1
  • idnkit-devel-32bit >= 1.0-21.1
  • libbind9-140 >= 9.10.3P4-21.1
  • libbind9-140-32bit >= 9.10.3P4-21.1
  • libdns162 >= 9.10.3P4-21.1
  • libdns162-32bit >= 9.10.3P4-21.1
  • libidnkit1 >= 1.0-21.1
  • libidnkit1-32bit >= 1.0-21.1
  • libidnkitlite1 >= 1.0-21.1
  • libidnkitlite1-32bit >= 1.0-21.1
  • libidnkitres1 >= 1.0-21.1
  • libidnkitres1-32bit >= 1.0-21.1
  • libirs-devel >= 9.10.3P4-21.1
  • libirs141 >= 9.10.3P4-21.1
  • libirs141-32bit >= 9.10.3P4-21.1
  • libisc160 >= 9.10.3P4-21.1
  • libisc160-32bit >= 9.10.3P4-21.1
  • libisccc140 >= 9.10.3P4-21.1
  • libisccc140-32bit >= 9.10.3P4-21.1
  • libisccfg140 >= 9.10.3P4-21.1
  • libisccfg140-32bit >= 9.10.3P4-21.1
  • liblwres141 >= 9.10.3P4-21.1
  • liblwres141-32bit >= 9.10.3P4-21.1
Patchnames:
openSUSE Tumbleweed GA bind