Bug 32323

Summary: bind new security issues CVE-2023-2828 and CVE-2023-3341
Product: Mageia Reporter: Nicolas Salguero <nicolas.salguero>
Component: SecurityAssignee: All Packagers <pkg-bugs>
Status: RESOLVED OLD QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: luigiwalser, mageia, marja11, nicolas.salguero, pkg-bugs, security
Version: 8   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: bind-9.18.15-2.mga9.src.rpm CVE:
Status comment:
Bug Depends on: 32039    
Bug Blocks:    

Description Nicolas Salguero 2023-09-26 10:38:34 CEST 
+++ This bug was initially created as a clone of Bug #32039 +++

ISC has issued advisories on June 21:
https://kb.isc.org/docs/cve-2023-2828

The issues are fixed upstream in 9.18.19:
https://downloads.isc.org/isc/bind9/9.18.19/doc/arm/html/notes.html#notes-for-bind-9-18-19

Patches are here:
https://downloads.isc.org/isc/bind9/9.16.42/patches/
https://downloads.isc.org/isc/bind9/9.18.16/patches/

Slackware has issued an advisory for CVE-2023-3341 on September 21:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.348276
Comment 1 Marja Van Waes 2023-09-26 14:01:35 CEST 
Assigning to the reporter, because he is the registered maintainer for this package ;-)

Thanks for the tremendous work you do, Nicolas

Assignee: bugsquad => nicolas.salguero
CC: (none) => marja11

Nicolas Salguero 2023-10-12 13:57:22 CEST

Assignee: nicolas.salguero => pkg-bugs

Comment 2 Nicolas Salguero 2024-01-08 09:59:29 CET 
Mageia 8 EOL

Resolution: (none) => OLD
Status: NEW => RESOLVED