[Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: add commits that mitigate NXMSattack in knot-resolver

Santiago R.R. santiago at debian.org
Wed May 20 10:53:37 BST 2020



Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker


Commits:
85315cd8 by Santiago Ruano Rincón at 2020-05-20T11:48:26+02:00
data/CVE/list: add commits that mitigate NXMSattack in knot-resolver

- - - - -
857f7232 by Santiago Ruano Rincón at 2020-05-20T11:48:32+02:00
Merge remote-tracking branch 'refs/remotes/origin/master'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1225,6 +1225,8 @@ CVE-2020-12668
 CVE-2020-12667 (Knot Resolver before 5.1.1 allows traffic amplification via a crafted  ...)
 	- knot-resolver <unfixed> (bug #961076)
 	NOTE: https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/
+	NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/54f05e4d7b2e47c0bdd30b84272fc503cc65304b
+	NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/ba7b89db780fe3884b4e90090318e25ee5afb118
 CVE-2020-12666 (macaron before 1.3.7 has an open redirect in the static handler, as de ...)
 	NOT-FOR-US: macaron
 CVE-2020-12665



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/88813d2681562ec8f31667490bbaef18eea186ac...857f72323a7e1c5a10d9063c5cbcbf18a97cf20b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/88813d2681562ec8f31667490bbaef18eea186ac...857f72323a7e1c5a10d9063c5cbcbf18a97cf20b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200520/7874e18a/attachment.html>


More information about the debian-security-tracker-commits mailing list