[Secure-testing-commits] r58463 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Dec 11 13:46:13 UTC 2017


Author: carnil
Date: 2017-12-11 13:46:12 +0000 (Mon, 11 Dec 2017)
New Revision: 58463

Modified:
   data/CVE/list
Log:
Add new pdns-recursor issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-11 12:58:11 UTC (rev 58462)
+++ data/CVE/list	2017-12-11 13:46:12 UTC (rev 58463)
@@ -9506,8 +9506,13 @@
 	- linux 3.11.5-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1520893
 	NOTE: Fixed by: https://git.kernel.org/linus/5a7203947a1d9b6f3a00a39fda08c2466489555f (v3.11-rc1)
-CVE-2017-15120
+CVE-2017-15120 [Crafted CNAME answer can cause a denial of service]
 	RESERVED
+	- pdns-recursor <unfixed>
+	[jessie] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
+	[wheezy] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
+	NOTE: Patch: https://downloads.powerdns.com/patches/2017-08
+	NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-08.html
 CVE-2017-15119 [DoS via large option request]
 	RESERVED
 	- qemu <unfixed> (bug #883399)




More information about the Secure-testing-commits mailing list