var-202008-1238
Vulnerability from variot
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. runc is a CLI (command line interface) tool for building and running containers according to the OCI specification. BIND 9.0.0 to 9.11.21, 9.12.0 to 9.16.5, 9.17.0 to 9.17.3, 9.9.3-S1 to 9.11.21-S1 have security vulnerabilities, attackers can construct a special request to cause an assertion failure Causes the target service to end abnormally. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: bind security update Advisory ID: RHSA-2020:4183-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4183 Issue date: 2020-10-07 CVE Names: CVE-2020-8622 ==================================================================== 1. Summary:
An update for bind is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
- bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1869473 - CVE-2020-8622 bind: truncated TSIG response can lead to an assertion failure
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.8.src.rpm
i386: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: bind-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.i686.rpm
x86_64: bind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.8.src.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: bind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.8.src.rpm
i386: bind-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.i686.rpm
ppc64: bind-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.ppc.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm
s390x: bind-9.8.2-0.68.rc1.el6_10.8.s390x.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.s390x.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390x.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.s390.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.s390x.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.s390x.rpm
x86_64: bind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.ppc.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390x.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.s390.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.s390x.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.8.src.rpm
i386: bind-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.i686.rpm
x86_64: bind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-8622 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBX34ip9zjgjWX9erEAQggtxAAggiseLLM3omkfl5t8K2CgloI9VI+hsgl 8S2aF4eU4Fhp7mZT+bXuFhN7QxQNGCyqc6slFZrJUlBnQKvUOzDnu+zPF1C4t7N2 lhsIlwBBB1aBug89tOfmvAJ5o0mwtJgGuB2xfFoCm5QdlrSwgbt8ygQL9yfZDHGY 54wZfpQeSfN5celNJgZQabXvkLKZ2DZsn/CGjZ+UwmZeF2gPtSpdKihnMbO0EkaK cxSkwBNR4CLhc4DJ77HWn0jRHTfO4dhfGOTIM6DhvwErcWj7vN3mSGtKtflV47D4 wUUuwQ9RpmVLNpLBaAge6H9/lTb8P8SSkl07y9XLvPUu0iJhtkgZY9+s10JBSpNF 4McC7h6iDC38QNbGidB+YqIX+EDxpHQq8O7tWrOdnaaZF2/UU7NpfoF7cZXJTDqo 0r9LNvKV7WFGn66rsIEvyhke42iBKF3gZFgQA3OqLDGiQpK9C3lXBCsZMiQGY5fl XRjCfPl5jxg6/tIVWfjEJD0YdQ49ZdwOC/sU4eGmVKBRjhz/XKnaFhVoNVr9zpyK YFhfB0pdi4LFkr2XALRERfQXnduKpHT5ngw/GIvNhVfvXnqsacJ33Hf+EtvRbXi3 vx0mxmv4Sl+yRewSl4XOj24Cj2pb0QcUp8KyaiHm12lpVKHMBfWq8OsJwVuIOFHi Dn8VOOgqSzg=Q2qQ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.5.20. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-2020:5119
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel ease-notes.html
This update fixes the following bug among others:
- Previously, the Prometheus swagger definition contained a
$refproperty which could not be resolved. This caused a runtime error to occur when using the Prometheus operand creation form. This was fixed by adding adefinitionsproperty to schema returned by thedefinitionForhelper function so that the$refproperty can resolve. There are no longer runtime errors when using the Prometheus operand creation form. (BZ#1885228)
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.5.20-x86_64
The image digest is sha256:78b878986d2d0af6037d637aa63e7b6f80fc8f17d0f0d5b077ac6aca83f792a0
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.5.20-s390x
The image digest is sha256:372d9aea634d36704d8500a2f940edb3867bfde14c0e5aa19534ea5ac90083d4
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.5.20-ppc64le
The image digest is sha256:030d8323cce90de6bc7ad4119ebb7f000bde06e742f6923faf76707ffe85634a
All OpenShift Container Platform 4.5 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.5/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor. Solution:
For OpenShift Container Platform 4.5 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.5/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS 1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 1883268 - remove erroneously specified label drop rules 1885228 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users 1892585 - [release 4.5] cluster-monitoring-operator: Fix bug in reflector not recovering from "Too large resource version" 1893202 - e2e-operator flakes with "TestMetricsAccessible: prometheus returned unexpected results: timed out waiting for the condition" 1893742 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest 1894763 - Undiagnosed panic detected in pod 1894782 - OperatorHub generates incorrect RBAC 1895057 - Deleted netnamespace could not be re-created 1896990 - Console shows wrong value for maxUnavailable and maxSurge when set to 0
- Bugs fixed (https://bugzilla.redhat.com/):
1732329 - Virtual Machine is missing documentation of its properties in yaml editor
1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv
1791753 - [RFE] [SSP] Template validator should check validations in template's parent template
1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic
1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration
1848956 - KMP requires downtime for CA stabilization during certificate rotation
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1853911 - VM with dot in network name fails to start with unclear message
1854098 - NodeNetworkState on workers doesn't have "status" key due to nmstate-handler pod failure to run "nmstatectl show"
1856347 - SR-IOV : Missing network name for sriov during vm setup
1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS
1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination
1860714 - No API information from oc explain
1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints
1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem
1866593 - CDI is not handling vm disk clone
1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
1868817 - Container-native Virtualization 2.6.0 Images
1873771 - Improve the VMCreationFailed error message caused by VM low memory
1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it
1878499 - DV import doesn't recover from scratch space PVC deletion
1879108 - Inconsistent naming of "oc virt" command in help text
1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running
1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT
1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability
1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message
1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used
1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, before the NodeNetworkConfigurationPolicy is applied
1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request.
1891285 - Common templates and kubevirt-config cm - update machine-type
1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface fail with unclear error
1892227 - [SSP] cluster scoped resources are not being reconciled
1893278 - openshift-virtualization-os-images namespace not seen by user
1893646 - [HCO] Pod placement configuration - dry run is not performed for all the configuration stanza
1894428 - Message for VMI not migratable is not clear enough
1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and not always Medium
1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is deleted during the import
1895414 - Virt-operator is accepting updates to the placement of its workload components even with running VMs
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers
1898072 - Add Fedora33 to Fedora common templates
1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail
1899558 - CNV 2.6 - nmstate fails to set state
1901480 - VM disk io can't worked if namespace have label kubemacpool
1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig)
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
1903014 - hco-webhook pod in CreateContainerError
1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode
1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency mode/safe mode when target storage is NFS and target namespace is NOT "default"
1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers
1907151 - kubevirt version is not reported correctly via virtctl
1907352 - VM/VMI link changes to kubevirt.io~v1~VirtualMachineInstance on CNV 2.6
1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused "Internal error occurred" for creating datavolume
1907988 - VM loses dynamic IP address of its default interface after migration
1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than default disables br-ex bridge and nodes lose connectivity
1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed: INACCESSIBLE BOOT DEVICE error
1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference
1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import to Ceph RBD/BLOCK fails on "qemu-img: /data/disk.img" error
1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO
1911118 - Windows VMI LiveMigration / shutdown fails on 'XML error: non unique alias detected: ua-')
1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e interface
1911662 - el6 guests don't work properly if virtio bus is specified on various devices
1912908 - Allow using "scsi" bus for disks in template validation
1913248 - Creating vlan interface on top of a bond device via NodeNetworkConfigurationPolicy fails
1913320 - Informative message needed with virtctl image-upload, that additional step is needed from the user
1913717 - Users should have read permitions for golden images data volumes
1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes
1914177 - CNV does not preallocate blank file data volumes
1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker nodes
1914947 - HPP golden images - DV shoudld not be created with WaitForFirstConsumer
1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block
1917963 - [CNV 2.6] Unable to install CNV disconnected - requires kvm-info-nfd-plugin which is not mirrored
1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
1920576 - HCO can report ready=true when it failed to create a CR for a component operator
1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster Operator
1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring bridge device using ip tool
1927373 - NoExecute taint violates pdb; VMIs are not live migrated
1931376 - VMs disconnected from nmstate-defined bridge after CNV-2.5.4->CNV-2.6.0 upgrade
- ========================================================================== Ubuntu Security Notice USN-4468-1 August 21, 2020
bind9 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Bind.
Software Description: - bind9: Internet Domain Name Server
Details:
Emanuel Almeida discovered that Bind incorrectly handled certain TCP payloads. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8620)
Joseph Gullo discovered that Bind incorrectly handled QNAME minimization when used in certain configurations. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8621)
Dave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind incorrectly handled certain truncated responses to a TSIG-signed request. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8622)
Lyu Chiy discovered that Bind incorrectly handled certain queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2020-8623)
Joop Boonen discovered that Bind incorrectly handled certain subdomain update-policy rules. A remote attacker granted privileges to change certain parts of a zone could use this issue to change other contents of the zone, contrary to expectations. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8624)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04 LTS: bind9 1:9.16.1-0ubuntu2.3
Ubuntu 18.04 LTS: bind9 1:9.11.3+dfsg-1ubuntu1.13
Ubuntu 16.04 LTS: bind9 1:9.10.3.dfsg.P4-8ubuntu1.17
In general, a standard system update will make all the necessary changes.
For the stable distribution (buster), these problems have been fixed in version 1:9.11.5.P4+dfsg-5.1+deb10u2.
We recommend that you upgrade your bind9 packages.
For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9H9LBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Riow//eYx52gDQkiERYSEFJbSK34AzF5Ee3W8JYh1BG4PFagvR/y3hwddyFEkR pHlq/t78TPWi9oQ3j8uuQL0VLMA+8jyaNXA0h6BMs/3VKzGktFyINdKPBPIghT2w 2tugfgjK1MR0LZ27rcE86I1QoyFy+jHMmd03R0B0AQPWYkjp+2sp5nxskFVM9jXO 8emXIzT3IZns8WSS7xCZOqE6D40Vk/3hP5IXDXIbHHFUgl6jCEpPHJBHCgrtw9HZ Or/EQgy4y+QUZNqsPw93kxc7cwVWhauW/PX9VZ1HWnfMIWEZX9K8fmYPHlj4dJUa 1G45uTtYT7VaLvs+N7j1UulII+f1ZT9rrljasVKfbmALt+mp28/LzzcCCBMYohkK Ka30MmBu5yZnn36LNWGwaOO5D+cCHsc58awKu3C5wUG/QMBjT+dYlhkbUbllpZVj vMMXjnrefdkCLy7LEDAul1NLgxWcSWzcQ0SyNEfu9IajtA94unFMwNzFmQb7ykql WMkHTg+7mSdPCxOI+0g9+w+pKZFdBGZxXu76cV8FB1BmRitsM8XYrtBGO9uWvkI9 hIm7pHhyJB0E008qo+cKutpnvruLZLBUCutUuNHZAirq+zaHjoVDSxiqPWEJ9jdR Sx85bc7+6f1daR04r5ay/mCuWPTQYrM1VyBsFnAvGxWoznHnmbk= =kUyE -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202008-1238",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "31"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.0.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "communications diameter signaling router",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.5.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.12.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.16.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.17.3"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "20.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.17.0"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.2"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.21"
},
{
"model": "dns server",
"scope": "lt",
"trust": 1.0,
"vendor": "synology",
"version": "2.2.2-5028"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "communications diameter signaling router",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.21"
},
{
"model": "steelstore cloud integrated storage",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "159511"
},
{
"db": "PACKETSTORM",
"id": "160205"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "161742"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 1.0
},
"cve": "CVE-2020-8622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2020-8622",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-186747",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2020-8622",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-8622",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2020-8622",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202008-1071",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-186747",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-8622",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. runc is a CLI (command line interface) tool for building and running containers according to the OCI specification. BIND 9.0.0 to 9.11.21, 9.12.0 to 9.16.5, 9.17.0 to 9.17.3, 9.9.3-S1 to 9.11.21-S1 have security vulnerabilities, attackers can construct a special request to cause an assertion failure Causes the target service to end abnormally. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: bind security update\nAdvisory ID: RHSA-2020:4183-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:4183\nIssue date: 2020-10-07\nCVE Names: CVE-2020-8622\n====================================================================\n1. Summary:\n\nAn update for bind is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nSecurity Fix(es):\n\n* bind: truncated TSIG response can lead to an assertion failure\n(CVE-2020-8622)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1869473 - CVE-2020-8622 bind: truncated TSIG response can lead to an assertion failure\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.8.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nbind-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.i686.rpm\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.8.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.8.src.rpm\n\ni386:\nbind-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.i686.rpm\n\nppc64:\nbind-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.ppc.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.s390.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.ppc.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.s390.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.8.src.rpm\n\ni386:\nbind-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.i686.rpm\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-8622\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBX34ip9zjgjWX9erEAQggtxAAggiseLLM3omkfl5t8K2CgloI9VI+hsgl\n8S2aF4eU4Fhp7mZT+bXuFhN7QxQNGCyqc6slFZrJUlBnQKvUOzDnu+zPF1C4t7N2\nlhsIlwBBB1aBug89tOfmvAJ5o0mwtJgGuB2xfFoCm5QdlrSwgbt8ygQL9yfZDHGY\n54wZfpQeSfN5celNJgZQabXvkLKZ2DZsn/CGjZ+UwmZeF2gPtSpdKihnMbO0EkaK\ncxSkwBNR4CLhc4DJ77HWn0jRHTfO4dhfGOTIM6DhvwErcWj7vN3mSGtKtflV47D4\nwUUuwQ9RpmVLNpLBaAge6H9/lTb8P8SSkl07y9XLvPUu0iJhtkgZY9+s10JBSpNF\n4McC7h6iDC38QNbGidB+YqIX+EDxpHQq8O7tWrOdnaaZF2/UU7NpfoF7cZXJTDqo\n0r9LNvKV7WFGn66rsIEvyhke42iBKF3gZFgQA3OqLDGiQpK9C3lXBCsZMiQGY5fl\nXRjCfPl5jxg6/tIVWfjEJD0YdQ49ZdwOC/sU4eGmVKBRjhz/XKnaFhVoNVr9zpyK\nYFhfB0pdi4LFkr2XALRERfQXnduKpHT5ngw/GIvNhVfvXnqsacJ33Hf+EtvRbXi3\nvx0mxmv4Sl+yRewSl4XOj24Cj2pb0QcUp8KyaiHm12lpVKHMBfWq8OsJwVuIOFHi\nDn8VOOgqSzg=Q2qQ\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.5.20. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2020:5119\n\nSpace precludes documenting all of the container images in this advisory. \nSee the following Release Notes documentation, which will be updated\nshortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel\nease-notes.html\n\nThis update fixes the following bug among others:\n\n* Previously, the Prometheus swagger definition contained a `$ref` property\nwhich could not be resolved. This caused a runtime error to occur when\nusing the Prometheus operand creation form. This was fixed by adding a\n`definitions` property to schema returned by the `definitionFor` helper\nfunction so that the `$ref` property can resolve. There are no longer\nruntime errors when using the Prometheus operand creation form. \n(BZ#1885228)\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.5.20-x86_64\n\nThe image digest is\nsha256:78b878986d2d0af6037d637aa63e7b6f80fc8f17d0f0d5b077ac6aca83f792a0\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.5.20-s390x\n\nThe image digest is\nsha256:372d9aea634d36704d8500a2f940edb3867bfde14c0e5aa19534ea5ac90083d4\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.5.20-ppc64le\n\nThe image digest is\nsha256:030d8323cce90de6bc7ad4119ebb7f000bde06e742f6923faf76707ffe85634a\n\nAll OpenShift Container Platform 4.5 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster\n- -between-minor.html#understanding-upgrade-channels_updating-cluster-between\n- -minor. Solution:\n\nFor OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster\n- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):\n\n1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS\n1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs\n1883268 - remove erroneously specified label drop rules\n1885228 - Create Instance of Prometheus from operator returns blank page for non cluster-admin users\n1892585 - [release 4.5] cluster-monitoring-operator: Fix bug in reflector not recovering from \"Too large resource version\"\n1893202 - e2e-operator flakes with \"TestMetricsAccessible: prometheus returned unexpected results: timed out waiting for the condition\"\n1893742 - move e2e test off of nfs image from docker.io/gmontero/nfs-server:latest\n1894763 - Undiagnosed panic detected in pod\n1894782 - OperatorHub generates incorrect RBAC\n1895057 - Deleted netnamespace could not be re-created\n1896990 - Console shows wrong value for maxUnavailable and maxSurge when set to 0\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1732329 - Virtual Machine is missing documentation of its properties in yaml editor\n1783192 - Guest kernel panic when start RHEL6.10 guest with q35 machine type and virtio disk in cnv\n1791753 - [RFE] [SSP] Template validator should check validations in template\u0027s parent template\n1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic\n1848954 - KMP missing CA extensions in cabundle of mutatingwebhookconfiguration\n1848956 - KMP requires downtime for CA stabilization during certificate rotation\n1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash\n1853911 - VM with dot in network name fails to start with unclear message\n1854098 - NodeNetworkState on workers doesn\u0027t have \"status\" key due to nmstate-handler pod failure to run \"nmstatectl show\"\n1856347 - SR-IOV : Missing network name for sriov during vm setup\n1856953 - CVE-2020-15586 golang: data race in certain net/http servers including ReverseProxy can lead to DoS\n1859235 - Common Templates - after upgrade there are 2 common templates per each os-workload-flavor combination\n1860714 - No API information from `oc explain`\n1860992 - CNV upgrade - users are not removed from privileged SecurityContextConstraints\n1864577 - [v2v][RHV to CNV non migratable source VM fails to import to Ceph-rbd / File system due to overhead required for Filesystem\n1866593 - CDI is not handling vm disk clone\n1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs\n1868817 - Container-native Virtualization 2.6.0 Images\n1873771 - Improve the VMCreationFailed error message caused by VM low memory\n1874812 - SR-IOV: Guest Agent expose link-local ipv6 address for sometime and then remove it\n1878499 - DV import doesn\u0027t recover from scratch space PVC deletion\n1879108 - Inconsistent naming of \"oc virt\" command in help text\n1881874 - openshift-cnv namespace is getting stuck if the user tries to delete it while CNV is running\n1883232 - Webscale: kubevirt/CNV datavolume importer pod inability to disable sidecar injection if namespace has sidecar injection enabled but VM Template does NOT\n1883371 - CVE-2020-26160 jwt-go: access restriction bypass vulnerability\n1885153 - [v2v][RHV to CNv VM import] Wrong Network mapping do not show a relevant error message\n1885418 - [openshift-cnv] issues with memory overhead calculation when limits are used\n1887398 - [openshift-cnv][CNV] nodes need to exist and be labeled first, *before* the NodeNetworkConfigurationPolicy is applied\n1889295 - [v2v][VMware to CNV VM import API] diskMappings: volumeMode Block is not passed on to PVC request. \n1891285 - Common templates and kubevirt-config cm - update machine-type\n1891440 - [v2v][VMware to CNV VM import API]Source VM with no network interface fail with unclear error\n1892227 - [SSP] cluster scoped resources are not being reconciled\n1893278 - openshift-virtualization-os-images namespace not seen by user\n1893646 - [HCO] Pod placement configuration - dry run is not performed for all the configuration stanza\n1894428 - Message for VMI not migratable is not clear enough\n1894824 - [v2v][VM import] Pick the smallest template for the imported VM, and not always Medium\n1894897 - [v2v][VMIO] VMimport CR is not reported as failed when target VM is deleted during the import\n1895414 - Virt-operator is accepting updates to the placement of its workload components even with running VMs\n1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers\n1898072 - Add Fedora33 to Fedora common templates\n1898840 - [v2v] VM import VMWare to CNV Import 63 chars vm name should not fail\n1899558 - CNV 2.6 - nmstate fails to set state\n1901480 - VM disk io can\u0027t worked if namespace have label kubemacpool\n1902046 - Not possible to edit CDIConfig (through CDI CR / CDIConfig)\n1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service\n1903014 - hco-webhook pod in CreateContainerError\n1903585 - [v2v] Windows 2012 VM imported from RHV goes into Windows repair mode\n1904797 - [VMIO][vmware] A migrated RHEL/Windows VM starts in emergency mode/safe mode when target storage is NFS and target namespace is NOT \"default\"\n1906199 - [CNV-2.5] CNV Tries to Install on Windows Workers\n1907151 - kubevirt version is not reported correctly via virtctl\n1907352 - VM/VMI link changes to `kubevirt.io~v1~VirtualMachineInstance` on CNV 2.6\n1907691 - [CNV] Configuring NodeNetworkConfigurationPolicy caused \"Internal error occurred\" for creating datavolume\n1907988 - VM loses dynamic IP address of its default interface after migration\n1908363 - Applying NodeNetworkConfigurationPolicy for different NIC than default disables br-ex bridge and nodes lose connectivity\n1908421 - [v2v] [VM import RHV to CNV] Windows imported VM boot failed: INACCESSIBLE BOOT DEVICE error\n1908883 - CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference\n1909458 - [V2V][VMware to CNV VM import via api using VMIO] VM import to Ceph RBD/BLOCK fails on \"qemu-img: /data/disk.img\" error\n1910857 - Provide a mechanism to enable the HotplugVolumes feature gate via HCO\n1911118 - Windows VMI LiveMigration / shutdown fails on \u0027XML error: non unique alias detected: ua-\u0027)\n1911396 - Set networkInterfaceMultiqueue false in rhel 6 template for e1000e interface\n1911662 - el6 guests don\u0027t work properly if virtio bus is specified on various devices\n1912908 - Allow using \"scsi\" bus for disks in template validation\n1913248 - Creating vlan interface on top of a bond device via NodeNetworkConfigurationPolicy fails\n1913320 - Informative message needed with virtctl image-upload, that additional step is needed from the user\n1913717 - Users should have read permitions for golden images data volumes\n1913756 - Migrating to Ceph-RBD + Block fails when skipping zeroes\n1914177 - CNV does not preallocate blank file data volumes\n1914608 - Obsolete CPU models (kubevirt-cpu-plugin-configmap) are set on worker nodes\n1914947 - HPP golden images - DV shoudld not be created with WaitForFirstConsumer\n1917908 - [VMIO] vmimport pod fail to create when using ceph-rbd/block\n1917963 - [CNV 2.6] Unable to install CNV disconnected - requires kvm-info-nfd-plugin which is not mirrored\n1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration\n1920576 - HCO can report ready=true when it failed to create a CR for a component operator\n1920610 - e2e-aws-4.7-cnv consistently failing on Hyperconverged Cluster Operator\n1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation\n1923979 - kubernetes-nmstate: nmstate-handler pod crashes when configuring bridge device using ip tool\n1927373 - NoExecute taint violates pdb; VMIs are not live migrated\n1931376 - VMs disconnected from nmstate-defined bridge after CNV-2.5.4-\u003eCNV-2.6.0 upgrade\n\n5. ==========================================================================\nUbuntu Security Notice USN-4468-1\nAugust 21, 2020\n\nbind9 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Bind. \n\nSoftware Description:\n- bind9: Internet Domain Name Server\n\nDetails:\n\nEmanuel Almeida discovered that Bind incorrectly handled certain TCP\npayloads. A remote attacker could possibly use this issue to cause Bind to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n20.04 LTS. (CVE-2020-8620)\n\nJoseph Gullo discovered that Bind incorrectly handled QNAME minimization\nwhen used in certain configurations. A remote attacker could possibly use\nthis issue to cause Bind to crash, resulting in a denial of service. This\nissue only affected Ubuntu 20.04 LTS. (CVE-2020-8621)\n\nDave Feldman, Jeff Warren, and Joel Cunningham discovered that Bind\nincorrectly handled certain truncated responses to a TSIG-signed request. A\nremote attacker could possibly use this issue to cause Bind to crash,\nresulting in a denial of service. (CVE-2020-8622)\n\nLyu Chiy discovered that Bind incorrectly handled certain queries. A remote\nattacker could possibly use this issue to cause Bind to crash, resulting in\na denial of service. (CVE-2020-8623)\n\nJoop Boonen discovered that Bind incorrectly handled certain subdomain\nupdate-policy rules. A remote attacker granted privileges to change certain\nparts of a zone could use this issue to change other contents of the zone,\ncontrary to expectations. This issue only affected Ubuntu 18.04 LTS and\nUbuntu 20.04 LTS. (CVE-2020-8624)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.04 LTS:\n bind9 1:9.16.1-0ubuntu2.3\n\nUbuntu 18.04 LTS:\n bind9 1:9.11.3+dfsg-1ubuntu1.13\n\nUbuntu 16.04 LTS:\n bind9 1:9.10.3.dfsg.P4-8ubuntu1.17\n\nIn general, a standard system update will make all the necessary changes. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1:9.11.5.P4+dfsg-5.1+deb10u2. \n\nWe recommend that you upgrade your bind9 packages. \n\nFor the detailed security status of bind9 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl9H9LBfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0Riow//eYx52gDQkiERYSEFJbSK34AzF5Ee3W8JYh1BG4PFagvR/y3hwddyFEkR\npHlq/t78TPWi9oQ3j8uuQL0VLMA+8jyaNXA0h6BMs/3VKzGktFyINdKPBPIghT2w\n2tugfgjK1MR0LZ27rcE86I1QoyFy+jHMmd03R0B0AQPWYkjp+2sp5nxskFVM9jXO\n8emXIzT3IZns8WSS7xCZOqE6D40Vk/3hP5IXDXIbHHFUgl6jCEpPHJBHCgrtw9HZ\nOr/EQgy4y+QUZNqsPw93kxc7cwVWhauW/PX9VZ1HWnfMIWEZX9K8fmYPHlj4dJUa\n1G45uTtYT7VaLvs+N7j1UulII+f1ZT9rrljasVKfbmALt+mp28/LzzcCCBMYohkK\nKa30MmBu5yZnn36LNWGwaOO5D+cCHsc58awKu3C5wUG/QMBjT+dYlhkbUbllpZVj\nvMMXjnrefdkCLy7LEDAul1NLgxWcSWzcQ0SyNEfu9IajtA94unFMwNzFmQb7ykql\nWMkHTg+7mSdPCxOI+0g9+w+pKZFdBGZxXu76cV8FB1BmRitsM8XYrtBGO9uWvkI9\nhIm7pHhyJB0E008qo+cKutpnvruLZLBUCutUuNHZAirq+zaHjoVDSxiqPWEJ9jdR\nSx85bc7+6f1daR04r5ay/mCuWPTQYrM1VyBsFnAvGxWoznHnmbk=\n=kUyE\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-8622"
},
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "PACKETSTORM",
"id": "159511"
},
{
"db": "PACKETSTORM",
"id": "160205"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "161742"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-8622",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "158940",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "158949",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "159511",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "160205",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "159845",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159004",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159981",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.4178",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2977",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3522",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1256",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2951.5",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2604",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2954",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4512",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2951.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3463",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0864",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3970",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2951.3",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2948",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0691",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3880",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041525",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "49866",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160207",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "159985",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-186747",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-8622",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161742",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168899",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "PACKETSTORM",
"id": "159511"
},
{
"db": "PACKETSTORM",
"id": "160205"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "161742"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"id": "VAR-202008-1238",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
}
],
"trust": 0.01
},
"last_update_date": "2024-09-19T21:36:07.187000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "runc Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126812"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20204183 - Security Advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20204992 - Security Advisory"
},
{
"title": "Red Hat: Moderate: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20205203 - Security Advisory"
},
{
"title": "Red Hat: Moderate: bind security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20205011 - Security Advisory"
},
{
"title": "Red Hat: Moderate: bind security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20204500 - Security Advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2021-1457",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2021-1457"
},
{
"title": "IBM: Security Bulletin: Vulnerability in bind affects IBM Integrated Analytics System",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=5df18782fa35770f1ccb0a60bd4d1fa5"
},
{
"title": "Debian Security Advisories: DSA-4752-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=803076d91d2c644d2eb525aea5dfdae2"
},
{
"title": "Amazon Linux 2: ALAS2-2020-1564",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2020-1564"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.5.20 bug fix and golang security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20205118 - Security Advisory"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec6577109e640dac19a6ddb978afe82d"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/NikulinMS/13-01-hw "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-617",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 1.7,
"url": "https://kb.isc.org/docs/cve-2020-8622"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20200827-0003/"
},
{
"trust": 1.7,
"url": "https://www.synology.com/security/advisory/synology_sa_20_19"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2020/dsa-4752"
},
{
"trust": 1.7,
"url": "https://security.gentoo.org/glsa/202008-19"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00053.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4468-1/"
},
{
"trust": 1.7,
"url": "https://usn.ubuntu.com/4468-2/"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8622"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/dqn62gbmcic5ay4kyadgxnkvy6ajksje/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zkamjzxr66p6s5leu4sn7ussncwtxexp/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zkamjzxr66p6s5leu4sn7ussncwtxexp/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/dqn62gbmcic5ay4kyadgxnkvy6ajksje/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158940/ubuntu-security-notice-usn-4468-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-bind-affects-ibm-netezza-host-management/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2951.2/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041525"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158949/ubuntu-security-notice-usn-4468-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2954/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1256"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3880/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-multiple-bind-vulnerabilities-cve-2020-8622-cve-2020-8623-cve-2020-8624/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/49866"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/isc-bind-assertion-error-via-truncated-tsig-response-33128"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159981/red-hat-security-advisory-2020-4992-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0864"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-affects-ibm-integrated-analytics-system-4/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4512/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159004/gentoo-linux-security-advisory-202008-19.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2951.3/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4178/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2948"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2951.5/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2604"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0691"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2977/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-publicly-disclosed-vulnerability-from-bind-affects-ibm-netezza-host-management-2/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160205/red-hat-security-advisory-2020-5203-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-bind-for-ibm-i-is-affected-by-cve-2020-8622-and-cve-2020-8624/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3522/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159511/red-hat-security-advisory-2020-4183-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3970/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3463/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159845/red-hat-security-advisory-2020-4500-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-bind-affects-aix-cve-2020-8622/"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-8622"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8624"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8623"
},
{
"trust": 0.3,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8624"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-8623"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20907"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-15586"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-15999"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-16845"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14422"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4468-1"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4183"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5203"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20811"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.5/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14331"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8177"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-16845"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20811"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25637"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25637"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-rel"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15586"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14363"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5119"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20907"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14422"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14331"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8177"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16300"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14466"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25684"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13050"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15166"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9802"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25705"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20218"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-26160"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16230"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9895"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8625"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-6829"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12403"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20388"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15165"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14382"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3156"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8812"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3899"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14467"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8819"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10103"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14469"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3867"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16229"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8720"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9893"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19221"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8808"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16227"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25683"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18197"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1751"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14461"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14881"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9805"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14464"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8820"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9807"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8769"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8710"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8813"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9850"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14463"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-7595"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16228"
},
{
"trust": 0.1,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14879"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29652"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14351"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16168"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9862"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24659"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14469"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9327"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14880"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3885"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17450"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15503"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-16935"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12321"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20916"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14461"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5018"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19956"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10018"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14468"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8835"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8764"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14466"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8844"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3865"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14882"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1730"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3864"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14464"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16452"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19906"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16230"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20387"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14391"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14468"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14467"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14559"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14462"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-29661"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3862"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14880"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25682"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14881"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3901"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16300"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8823"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14462"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-1752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16229"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12400"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28362"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-15903"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3895"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-11793"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20454"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9894"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25685"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8816"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13627"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-6405"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8771"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16451"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13050"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3897"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10103"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16228"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0799"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14463"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8814"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20843"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8743"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3121"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9915"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25686"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8815"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13632"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25687"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10029"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16451"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8783"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20807"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13630"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14040"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14879"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14470"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25681"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14470"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8619"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9283"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27813"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-14465"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11068"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13631"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8766"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16452"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8846"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3868"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-3894"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8782"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-8ubuntu1.17"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-1ubuntu1.13"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8620"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.16.1-0ubuntu2.3"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4468-2"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8619"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/bind9"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "PACKETSTORM",
"id": "159511"
},
{
"db": "PACKETSTORM",
"id": "160205"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "161742"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-186747"
},
{
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"db": "PACKETSTORM",
"id": "159511"
},
{
"db": "PACKETSTORM",
"id": "160205"
},
{
"db": "PACKETSTORM",
"id": "160207"
},
{
"db": "PACKETSTORM",
"id": "161742"
},
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "PACKETSTORM",
"id": "168899"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-21T00:00:00",
"db": "VULHUB",
"id": "VHN-186747"
},
{
"date": "2020-08-21T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"date": "2020-10-08T16:49:42",
"db": "PACKETSTORM",
"id": "159511"
},
{
"date": "2020-11-24T15:29:32",
"db": "PACKETSTORM",
"id": "160205"
},
{
"date": "2020-11-24T15:29:50",
"db": "PACKETSTORM",
"id": "160207"
},
{
"date": "2021-03-10T16:02:43",
"db": "PACKETSTORM",
"id": "161742"
},
{
"date": "2020-08-21T21:44:34",
"db": "PACKETSTORM",
"id": "158940"
},
{
"date": "2020-08-25T17:19:25",
"db": "PACKETSTORM",
"id": "158949"
},
{
"date": "2020-08-28T19:12:00",
"db": "PACKETSTORM",
"id": "168899"
},
{
"date": "2020-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"date": "2020-08-21T21:15:12.247000",
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-186747"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2020-8622"
},
{
"date": "2021-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202008-1071"
},
{
"date": "2023-11-07T03:26:38.710000",
"db": "NVD",
"id": "CVE-2020-8622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "158940"
},
{
"db": "PACKETSTORM",
"id": "158949"
},
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202008-1071"
}
],
"trust": 0.6
}
}
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.