[CLSA-2022:1664475166] Fix CVE(s): CVE-2022-38177, CVE-2022-2795
Type:
security
Severity:
Important
Release date:
2022-09-29 18:12:46 UTC
Description:
* SECURITY UPDATE: degrade resolver performance - debian/patches/CVE-2022-2795.patch: adds limits in fctx_getaddresses to avoid spending excessive amounts of time on processing large delegations in resolver code in lib/dns/resolver.c. - CVE-2022-2795 * SECURITY UPDATE: memory leak - debian/patches/CVE-2022-38177.patch: avoid return DST_RET when there is a signature length mismatch in lib/dns/opensslecdsa_link.c. - CVE-2022-38177
Updated packages:
  • bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:3138adc7bd13de0fdededd7110032ed095ba9cc7
  • bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_all.deb
    sha:02900a816de49551c8e4f0a3049e2f29efee91f3
  • bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:e02a746dc7e78a69d156bad84091a974db987423
  • bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:570b673addf5a6eeaed1144bac324ecff93442c7
  • dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:62bfda5227783a2b027a46e90f2797179c765aea
  • host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_all.deb
    sha:49e0c43c9ceb5c7aa396ff0c289da4018f27e77c
  • libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:04be1c4cbd0eacec5afc1e42006b1a11f2fc955c
  • libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:7a40e2fd5c5da36b966e68cedb3f8ae486cfbc01
  • libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:6821fc7f77f07cff6435b6f74360f235d3c833c7
  • libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:3e527374eacc38073e1313e2704f220b75dce9c0
  • libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:618d14fecfbfa1ecb6c637f5c666dbba64f3a12d
  • libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:e230a4e9ea854ddad416f61419fc82bafc352ff1
  • libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:c593522aa50e43e76f907ebc38eb44810c4f764e
  • libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:36ce1924741eac7278136b89e61d4799a5482713
  • libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:2ba0d573201b46bee457091793f29ad1651be81b
  • libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:5b2a189a099ff66ce2deb1e213b2944f43793f2c
  • libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:8d4b718aa66cf8355ac5976df450fe31a60083fa
  • libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:a9262e963fe73f594fdcbf07ecae58dba4563119
  • libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:3bcc7691ede99d0a72a4d3f6e478e163abb77eee
  • liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:ac4298f72617911e12a51e86b33e4869a5b0300e
  • lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els3_amd64.deb
    sha:65104cef374938a2fb0e289ebd0384629961e7a4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.