[Secure-testing-commits] r54949 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Aug 21 20:13:31 UTC 2017
Author: carnil
Date: 2017-08-21 20:13:31 +0000 (Mon, 21 Aug 2017)
New Revision: 54949
Modified:
data/CVE/list
Log:
Add two dnsdist issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-21 19:52:20 UTC (rev 54948)
+++ data/CVE/list 2017-08-21 20:13:31 UTC (rev 54949)
@@ -15703,8 +15703,11 @@
RESERVED
CVE-2017-7558
RESERVED
-CVE-2017-7557
+CVE-2017-7557 [Alteration of ACLs via API authentication bypass]
RESERVED
+ - dnsdist <unfixed>
+ NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-02.html
+ NOTE: https://downloads.powerdns.com/patches/2017-02
CVE-2017-7556 (Hawtio versions up to and including 1.5.3 are vulnerable to CSRF ...)
NOT-FOR-US: hawtio
CVE-2017-7555 (Augeas versions up to and including 1.8.0 are vulnerable to heap-based ...)
@@ -44683,8 +44686,11 @@
NOT-FOR-US: Red Hat CloudForms
CVE-2016-7070
RESERVED
-CVE-2016-7069
+CVE-2016-7069 [Crafted backend responses can cause a denial of service]
RESERVED
+ - dnsdist <unfixed>
+ NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-01.html
+ NOTE: https://downloads.powerdns.com/patches/2017-01
CVE-2016-7068
RESERVED
{DSA-3764-1 DSA-3763-1 DLA-798-1 DLA-788-1}
More information about the Secure-testing-commits
mailing list