[Secure-testing-commits] r24665 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 10 07:54:03 UTC 2013
Author: carnil
Date: 2013-12-10 07:54:03 +0000 (Tue, 10 Dec 2013)
New Revision: 24665
Modified:
data/CVE/list
Log:
Update entry for CVE-2013-5661
Question: not sure how we actually want to handle that. It's not really
specific to bind9. Ubuntu has set this CVE to ignore, Red Hat does not
plan to change the defaults.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-10 07:10:53 UTC (rev 24664)
+++ data/CVE/list 2013-12-10 07:54:03 UTC (rev 24665)
@@ -3922,10 +3922,14 @@
NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2013-5662
RESERVED
-CVE-2013-5661 [bind: DNS response rate limiting can simplify cache poisoning attacks]
+CVE-2013-5661 [DNS response rate limiting can simplify cache poisoning attacks]
RESERVED
- bind9 <unfixed>
- TODO: check
+ - nsd3 <removed>
+ - nsd <undetermined>
+ - knot <undetermined>
+ NOTE: http://www.certa.ssi.gouv.fr/site/CERTA-2013-AVI-506/index.html
+ NOTE: https://www.isc.org/blogs/cache-poisoning-gets-a-second-wind-from-rrl-probably-not/
CVE-2013-5660
RESERVED
CVE-2013-5659
More information about the Secure-testing-commits
mailing list