[Secure-testing-commits] r50605 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Apr 13 04:19:47 UTC 2017
Author: carnil
Date: 2017-04-13 04:19:46 +0000 (Thu, 13 Apr 2017)
New Revision: 50605
Modified:
data/CVE/list
Log:
Add three new bind9 issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-12 21:10:18 UTC (rev 50604)
+++ data/CVE/list 2017-04-13 04:19:46 UTC (rev 50605)
@@ -13071,12 +13071,18 @@
RESERVED
CVE-2017-3139
RESERVED
-CVE-2017-3138
+CVE-2017-3138 [named exits with a REQUIRE assertion failure if it receives a null command string on its control channel]
RESERVED
-CVE-2017-3137
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/article/AA-01471
+CVE-2017-3137 [A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME]
RESERVED
-CVE-2017-3136
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/article/AA-01466
+CVE-2017-3136 [An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"]
RESERVED
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/article/AA-01465
CVE-2017-3135 [Assertion failure when using DNS64 and RPZ can lead to crash]
RESERVED
{DSA-3795-1 DLA-843-1}
More information about the Secure-testing-commits
mailing list