[Git][security-tracker-team/security-tracker][master] Add new adns issues CVE-2017-910{3,4,5,6,7,8,9}

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9cc9cc4f by Salvatore Bonaccorso at 2020-06-11T21:10:51+02:00
Add new adns issues CVE-2017-910{3,4,5,6,7,8,9}

As adns is a stub resolver that should only be used with trusted
recursor and the support is limited, mark those all as unimportant.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -171922,18 +171922,39 @@ CVE-2017-9110 (In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode func
 	NOTE: https://github.com/openexr/openexr/issues/232
 CVE-2017-9109
 	RESERVED
+	- adns <unfixed> (unimportant)
+	NOTE: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=fcf2b4e1faf22accb6184cca595aaee602839868
+	NOTE: Stub resolver that should only be used with trusted recursors
 CVE-2017-9108
 	RESERVED
+	- adns <unfixed> (unimportant)
+	NOTE: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=72c6bfd77dfdb34457a792874fd1c3030fca90ac
+	NOTE: Stub resolver that should only be used with trusted recursors
 CVE-2017-9107
 	RESERVED
+	- adns <unfixed> (unimportant)
+	NOTE: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=278f8eee581c4c4a0ddd0f98c4dc8c2974cf6b90
+	NOTE: Stub resolver that should only be used with trusted recursors
 CVE-2017-9106
 	RESERVED
+	- adns <unfixed> (unimportant)
+	NOTE: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=37792aacaf7abbcdac6a02715a5ef794b5147f13
+	NOTE: Stub resolver that should only be used with trusted recursors
 CVE-2017-9105
 	RESERVED
+	- adns <unfixed> (unimportant)
+	NOTE: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=17afb298d90c5aafed76bd3855a5fe7dcd58594c
+	NOTE: Stub resolver that should only be used with trusted recursors
 CVE-2017-9104
 	RESERVED
+	- adns <unfixed> (unimportant)
+	NOTE: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=7ba7a232de0516d2cce934bdc91627b33b46ef47
+	NOTE: Stub resolver that should only be used with trusted recursors
 CVE-2017-9103
 	RESERVED
+	- adns <unfixed> (unimportant)
+	NOTE: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=adns.git;a=commit;h=020d86e2eccc2dbdfa9dcca08ddb327cc7ca3ae2
+	NOTE: Stub resolver that should only be used with trusted recursors
 CVE-2017-9102
 	RESERVED
 CVE-2017-9101 (import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows re ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cc9cc4faf9d96c696b1f3a696f661e58e167365

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cc9cc4faf9d96c696b1f3a696f661e58e167365
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200611/b96624c5/attachment.html>