Security update for bind

Announcement ID:	SUSE-SU-2025:4222-1
Release Date:	2025-11-25T08:54:07Z
Rating:	important
References:	bsc#1252379 bsc#1252380
Cross-References:	CVE-2025-40778 CVE-2025-40780
CVSS scores:	CVE-2025-40778 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N CVE-2025-40778 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N CVE-2025-40778 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N CVE-2025-40780 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N CVE-2025-40780 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N CVE-2025-40780 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Affected Products:	SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Manager Client Tools for SLE Micro 5 SUSE Multi-Linux Manager Client Tools for SLE Micro 5

An update that solves two vulnerabilities can now be installed.

Description:

This update for bind fixes the following issues:

• CVE-2025-40778: Address various spoofing attacks (bsc#1252379).
• CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator (bsc#1252380).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Multi-Linux Manager Client Tools for SLE Micro 5
  zypper in -t patch SUSE-MultiLinuxManagerTools-SLE-Micro-5-2025-4222=1
• SUSE Manager Client Tools for SLE Micro 5
  zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2025-4222=1

Package List:

• SUSE Multi-Linux Manager Client Tools for SLE Micro 5 (aarch64 ppc64le s390x x86_64)
  • libisc1606-9.16.6-150000.12.85.1
  • libbind9-1600-debuginfo-9.16.6-150000.12.85.1
  • libisccc1600-debuginfo-9.16.6-150000.12.85.1
  • bind-debugsource-9.16.6-150000.12.85.1
  • libisccfg1600-9.16.6-150000.12.85.1
  • libns1604-debuginfo-9.16.6-150000.12.85.1
  • libirs1601-9.16.6-150000.12.85.1
  • libisc1606-debuginfo-9.16.6-150000.12.85.1
  • libirs1601-debuginfo-9.16.6-150000.12.85.1
  • libisccfg1600-debuginfo-9.16.6-150000.12.85.1
  • libns1604-9.16.6-150000.12.85.1
  • bind-utils-9.16.6-150000.12.85.1
  • libdns1605-debuginfo-9.16.6-150000.12.85.1
  • bind-debuginfo-9.16.6-150000.12.85.1
  • libisccc1600-9.16.6-150000.12.85.1
  • libbind9-1600-9.16.6-150000.12.85.1
  • libdns1605-9.16.6-150000.12.85.1
  • bind-utils-debuginfo-9.16.6-150000.12.85.1
• SUSE Multi-Linux Manager Client Tools for SLE Micro 5 (noarch)
  • python3-bind-9.16.6-150000.12.85.1
• SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64)
  • libisc1606-9.16.6-150000.12.85.1
  • libisccfg1600-9.16.6-150000.12.85.1
  • libns1604-debuginfo-9.16.6-150000.12.85.1
  • libirs1601-9.16.6-150000.12.85.1
  • libns1604-9.16.6-150000.12.85.1
  • bind-utils-9.16.6-150000.12.85.1
  • libisccc1600-9.16.6-150000.12.85.1
  • libbind9-1600-9.16.6-150000.12.85.1
  • libdns1605-9.16.6-150000.12.85.1
• SUSE Manager Client Tools for SLE Micro 5 (aarch64_ilp32)
  • libisc1606-64bit-9.16.6-150000.12.85.1
  • libirs1601-64bit-9.16.6-150000.12.85.1
  • libisccc1600-64bit-9.16.6-150000.12.85.1
  • libbind9-1600-64bit-9.16.6-150000.12.85.1
  • libisccfg1600-64bit-9.16.6-150000.12.85.1
  • libdns1605-64bit-9.16.6-150000.12.85.1
• SUSE Manager Client Tools for SLE Micro 5 (noarch)
  • python3-bind-9.16.6-150000.12.85.1

References:

• https://www.suse.com/security/cve/CVE-2025-40778.html
• https://www.suse.com/security/cve/CVE-2025-40780.html
• https://bugzilla.suse.com/show_bug.cgi?id=1252379
• https://bugzilla.suse.com/show_bug.cgi?id=1252380