[Secure-testing-commits] r58475 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Dec 12 05:56:27 UTC 2017
Author: carnil
Date: 2017-12-12 05:56:26 +0000 (Tue, 12 Dec 2017)
New Revision: 58475
Modified:
data/CVE/list
Log:
Add fixing version for CVE-2017-15120/pdns-recursor
Affected are 4.0.0 up to 4.0.7, fixed/not-affected 4.0.8 and 4.1.0
upstream. Mark the first 4.1.0 version uploaded to unstable as the
fixing version.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-11 22:03:46 UTC (rev 58474)
+++ data/CVE/list 2017-12-12 05:56:26 UTC (rev 58475)
@@ -9570,7 +9570,7 @@
NOTE: Fixed by: https://git.kernel.org/linus/5a7203947a1d9b6f3a00a39fda08c2466489555f (v3.11-rc1)
CVE-2017-15120 [Crafted CNAME answer can cause a denial of service]
RESERVED
- - pdns-recursor <unfixed>
+ - pdns-recursor 4.1.0-1
[jessie] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
[wheezy] - pdns-recursor <not-affected> (Vulnerable code introduced in 4.0.0)
NOTE: Patch: https://downloads.powerdns.com/patches/2017-08
More information about the Secure-testing-commits
mailing list