[Secure-testing-commits] r24686 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Dec 11 11:29:14 UTC 2013
Author: jmm
Date: 2013-12-11 11:29:14 +0000 (Wed, 11 Dec 2013)
New Revision: 24686
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
handle CVE-2013-5661 similar to CVE-2013-119x
dsa needed for iceweasel and icedove
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-11 08:39:19 UTC (rev 24685)
+++ data/CVE/list 2013-12-11 11:29:14 UTC (rev 24686)
@@ -3959,10 +3959,7 @@
RESERVED
CVE-2013-5661 [DNS response rate limiting can simplify cache poisoning attacks]
RESERVED
- - bind9 <unfixed>
- - nsd3 <removed>
- - nsd <undetermined>
- - knot <undetermined>
+ NOTE: DNS protocol flaw
NOTE: http://www.certa.ssi.gouv.fr/site/CERTA-2013-AVI-506/index.html
NOTE: https://www.isc.org/blogs/cache-poisoning-gets-a-second-wind-from-rrl-probably-not/
CVE-2013-5660
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2013-12-11 08:39:19 UTC (rev 24685)
+++ data/dsa-needed.txt 2013-12-11 11:29:14 UTC (rev 24686)
@@ -26,6 +26,10 @@
--
iceape (jmm)
--
+iceweasel
+--
+icedove
+--
jquery/oldstable
Maintainer prepared an update
--
More information about the Secure-testing-commits
mailing list