[Git][security-tracker-team/security-tracker][master] Add new bind9 issue
Salvatore Bonaccorso
carnil at debian.org
Wed Jun 13 05:25:53 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
63370d98 by Salvatore Bonaccorso at 2018-06-13T06:20:06+02:00
Add new bind9 issue
Older version are not affected, but we need to check which one
introduced first upstream change 4777.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17685,8 +17685,11 @@ CVE-2018-5740
RESERVED
CVE-2018-5739
RESERVED
-CVE-2018-5738
+CVE-2018-5738 [Some versions of BIND can improperly permit recursive query service to unauthorized clients]
RESERVED
+ - bind9 <unfixed>
+ NOTE: Introducyed by upstream change #4777
+ NOTE: https://kb.isc.org/article/AA-01616/0/CVE-2018-5738
CVE-2018-5737 [serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled.]
RESERVED
- bind9 <not-affected> (only affects 9.12, not yet packaged)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63370d984f6ac62da3fbe8bf3cb25ee184543085
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/63370d984f6ac62da3fbe8bf3cb25ee184543085
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180613/b3e25b2e/attachment.html>
More information about the debian-security-tracker-commits
mailing list