[CLSA-2024:1727979720] Fix CVE(s): CVE-2024-1737
Type:
security
Severity:
Important
Release date:
2024-10-03 18:22:03 UTC
Description:
* SECURITY UPDATE: allocation of resources without limits or throttling - debian/patches/CVE-2024-1737-1: introduced new configurable limits that prevent the loading (into zones or into cache) of DNS resource records (RRs) that exceed them - debian/patches/CVE-2024-1737-2: add environment variable DNS_RDATASET_MAX_RECORDS, DNS_RBTDB_MAX_RTYPES to override hardcoded limits DDNS_RDATASET_MAX_RECORDS and DDNS_RBTDB_MAX_RTYPES. Add masterformat tests for testing RRsets.
Updated packages:
  • bind9_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:7a6d489a33b75151e9401ec2921b68f0df2e2777
  • bind9-doc_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_all.deb
    sha:752d2c69d08f837464444db54c83e8cf89a59501
  • bind9-host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:fdacb5c99e4f97096fb5125218ded78310925c76
  • bind9utils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:21621f0434f68bf8dca2f52d1af0b378309f1cb1
  • dnsutils_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:5a9dafc65c72d8425f765d0f4d96a370219e5fb6
  • host_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_all.deb
    sha:83efac2f42e8ac73a5706161315f1e14317c6f11
  • libbind-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:88b7f5b512bf02c171313ffa8cbb6484b76a4389
  • libbind-export-dev_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:2b838234e92eca77135e6f269e52d19d9f946d6d
  • libbind9-140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:7141001e32cd41589551ea800d9b7e7735d4fb9a
  • libdns-export162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:e87d4b19cef614ba4c4c39db0e26cb852d1c1a1d
  • libdns162_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:4b7fe372c14888625cb4b556c0bba3f0608c6696
  • libirs-export141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:1ce172489043509688f9e75a0966673636791e9a
  • libirs141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:167b22b9998b7f764bbeca47ae8749042dc68788
  • libisc-export160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:8df0b30f7621c9c4b5bcea206ca7b130208d859f
  • libisc160_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:877d1b022afb67bc7f336f2784f437c32afd4763
  • libisccc-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:b4a5d1b6fc68e7faa492131adaccffbe2f278fbb
  • libisccc140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:9bb8d1d1de7d86b8d97b57bb22721c0f1447b5b2
  • libisccfg-export140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:1388a972e4561f00f79674583d663586b1959191
  • libisccfg140_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:3b0952716a80b41ffb57dc4cdc19dc74bcd34569
  • liblwres141_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:fd6b42d66aa6627b0653c1667f7a0092a3855234
  • lwresd_9.10.3.dfsg.P4-8ubuntu1.19+tuxcare.els9_amd64.deb
    sha:bd3c65fdc10bdefe7293d6f875cf4ba057f0121a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.