[Git][security-tracker-team/security-tracker][master] djbdns reintroduced in Debian

Salvatore Bonaccorso carnil at debian.org
Mon Jul 27 17:02:09 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bd3d2d03 by Salvatore Bonaccorso at 2020-07-27T17:59:47+02:00
djbdns reintroduced in Debian

CVE-2008-4392 might already be fixed, for details
<https://bugs.debian.org/516394#261> so this might need to be checked
again and mark accordingly.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -318451,7 +318451,7 @@ CVE-2012-1193 (The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwri
 CVE-2012-1192 (The resolver in Unbound before 1.4.11 overwrites cached server names a ...)
 	NOTE: DNS protocol flaw
 CVE-2012-1191 (The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites ...)
-	- djbdns <removed>
+	- djbdns <unfixed>
 	NOTE: DNS protocol flaw
 	NOTE: RH made an update: https://bugzilla.redhat.com/show_bug.cgi?id=838761
 CVE-2011-5081 (Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC ...)
@@ -368846,7 +368846,7 @@ CVE-2008-4394 (Multiple untrusted search path vulnerabilities in Portage before
 CVE-2008-4393 (Cross-site scripting (XSS) vulnerability in VeriSign Kontiki Delivery  ...)
 	NOT-FOR-US: VeriSign Kontiki
 CVE-2008-4392 (dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultane ...)
-	- djbdns <removed> (high; bug #516394)
+	- djbdns <unfixed> (high; bug #516394)
 CVE-2008-4391 (Stack-based buffer overflow in the SetSource method in the NetCamPlaye ...)
 	NOT-FOR-US: Cisco Linksys WVC54GC
 CVE-2008-4390 (The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 s ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd3d2d0310a36461eb1f7bcb09d5ae23ff5cd779

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd3d2d0310a36461eb1f7bcb09d5ae23ff5cd779
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200727/572d7038/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list