[Git][security-tracker-team/security-tracker][master] Add CVE-2018-14644/pdns-recursor

Wed Nov 7 06:31:48 GMT 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8ae63f69 by Salvatore Bonaccorso at 2018-11-07T06:31:24Z
Add CVE-2018-14644/pdns-recursor

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10805,8 +10805,11 @@ CVE-2018-14645 (A flaw was discovered in the HPACK decoder of HAProxy, before 1.
 	[stretch] - haproxy <not-affected> (Only affects 1.8.x)
 	[jessie] - haproxy <not-affected> (Only affects 1.8.x)
 	NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=b4e05a3daa30f657db01ec144a0e48850c48f813
-CVE-2018-14644
+CVE-2018-14644 [Crafted query for meta-types can cause a denial of service]
 	RESERVED
+	- pdns-recursor <unfixed>
+	NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-07.html
+	NOTE: https://downloads.powerdns.com/patches/2018-07/
 CVE-2018-14643 (An authentication bypass flaw was found in the smart_proxy_dynflow ...)
 	- foreman <itp> (bug #663101)
 	NOTE: Issue in a foreman component: smart_proxy_dynflow, which might land in separate source.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8ae63f69eb2898a5724d04961fd2c5eb062667e1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8ae63f69eb2898a5724d04961fd2c5eb062667e1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181107/d95f6574/attachment.html>
