[Secure-testing-commits] r58055 - data/CVE

Mon Nov 27 18:06:10 UTC 2017

Author: carnil
Date: 2017-11-27 18:06:10 +0000 (Mon, 27 Nov 2017)
New Revision: 58055

Modified:
   data/CVE/list
Log:
Add additional references for pdns/pdns-recursor issues

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-11-27 18:04:16 UTC (rev 58054)
+++ data/CVE/list	2017-11-27 18:06:10 UTC (rev 58055)
@@ -6300,12 +6300,14 @@
 	[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
 	[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
 	NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.html
+	NOTE: https://downloads.powerdns.com/patches/2017-07/
 CVE-2017-15093 [Configuration file injection in the API]
 	RESERVED
 	- pdns-recursor <unfixed>
 	[stretch] - pdns-recursor <no-dsa> (Minor issue)
 	[jessie] - pdns-recursor <no-dsa> (Minor issue)
 	NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-06.html
+	NOTE: https://downloads.powerdns.com/patches/2017-06/
 CVE-2017-15092 [Cross-Site Scripting in the web interface]
 	RESERVED
 	- pdns-recursor <unfixed>
@@ -6313,12 +6315,14 @@
 	[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
 	[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
 	NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-05.html
+	NOTE: https://downloads.powerdns.com/patches/2017-05/
 CVE-2017-15091 [Missing check on API operations]
 	RESERVED
 	- pdns <unfixed>
 	[stretch] - pdns <no-dsa> (Minor issue)
 	[jessie] - pdns <no-dsa> (Minor issue)
 	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2017-04.html
+	NOTE: https://downloads.powerdns.com/patches/2017-04/
 CVE-2017-15090 [Insufficient validation of DNSSEC signatures]
 	RESERVED
 	- pdns-recursor <unfixed>
@@ -6326,6 +6330,7 @@
 	[jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
 	[wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0)
 	NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-03.html
+	NOTE: https://downloads.powerdns.com/patches/2017-03/
 CVE-2017-15089
 	RESERVED
 CVE-2017-15088 (plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka ...)


