Bug 32323 - bind new security issues CVE-2023-2828 and CVE-2023-3341
Summary: bind new security issues CVE-2023-2828 and CVE-2023-3341
Status: RESOLVED OLD
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 8
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: All Packagers
QA Contact: Sec team
URL:
Whiteboard:
Keywords:
Depends on: 32039
Blocks:
  Show dependency treegraph
 
Reported: 2023-09-26 10:38 CEST by Nicolas Salguero
Modified: 2024-01-08 09:59 CET (History)
6 users (show)

See Also:
Source RPM: bind-9.18.15-2.mga9.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Nicolas Salguero 2023-09-26 10:38:34 CEST 
+++ This bug was initially created as a clone of Bug #32039 +++

ISC has issued advisories on June 21:
https://kb.isc.org/docs/cve-2023-2828

The issues are fixed upstream in 9.18.19:
https://downloads.isc.org/isc/bind9/9.18.19/doc/arm/html/notes.html#notes-for-bind-9-18-19

Patches are here:
https://downloads.isc.org/isc/bind9/9.16.42/patches/
https://downloads.isc.org/isc/bind9/9.18.16/patches/

Slackware has issued an advisory for CVE-2023-3341 on September 21:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.348276
Comment 1 Marja Van Waes 2023-09-26 14:01:35 CEST 
Assigning to the reporter, because he is the registered maintainer for this package ;-)

Thanks for the tremendous work you do, Nicolas

Assignee: bugsquad => nicolas.salguero
CC: (none) => marja11

Nicolas Salguero 2023-10-12 13:57:22 CEST

Assignee: nicolas.salguero => pkg-bugs

Comment 2 Nicolas Salguero 2024-01-08 09:59:29 CET 
Mageia 8 EOL

Resolution: (none) => OLD
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.