[Secure-testing-commits] r9441 - data/CVE

thijs at alioth.debian.org thijs at alioth.debian.org
Mon Jul 28 10:07:57 UTC 2008


Author: thijs
Date: 2008-07-28 10:07:56 +0000 (Mon, 28 Jul 2008)
New Revision: 9441

Modified:
   data/CVE/list
Log:
Marking non-caching stub resolvers as low since these really should be fixed,
but are much less vulnerable than a caching server. Adding some more stub
resolvers.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-07-28 09:14:13 UTC (rev 9440)
+++ data/CVE/list	2008-07-28 10:07:56 UTC (rev 9441)
@@ -4294,11 +4294,15 @@
 CVE-2008-1447 (The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, ...)
 	{DSA-1619-1 DSA-1617-1 DSA-1603-1 DTSA-147-1}
 	- bind9 1:9.5.0.dfsg-5 (high)
-	- glibc <unfixed> (medium)
+	- glibc <unfixed> (low)
 	- dnsmasq 2.43-1 (medium; bug #490123)
-	- python-dns 2.3.1-5 (bug #490217)
+	- python-dns 2.3.1-5 (low; bug #490217)
+	- python-dnspython <unfixed> (low; bug #492465)
+	- adns <unfixed> (low; bug #492698)
+	- libnet-dns-perl <unfixed> (low; bug #492700)
 	NOTE: Unbound, djbdns, pdnsd and PowerDNS are affected by the underlying protocol issue, but
 	NOTE: already use source port randomization.
+	NOTE: Marking non-caching stub resolvers as low since these really should be fixed, but are much less vulnerable than a caching server.
 CVE-2008-1446
 	RESERVED
 CVE-2008-1445 (Active Directory on Microsoft Windows 2000 Server SP4, XP Professional ...)




More information about the Secure-testing-commits mailing list