[Git][security-tracker-team/security-tracker][master] pdns-recursor DSA

Moritz Muehlenhoff jmm at debian.org
Thu May 21 22:13:00 BST 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9fa52acc by Moritz Muehlenhoff at 2020-05-21T23:12:40+02:00
pdns-recursor DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9327,9 +9327,10 @@ CVE-2020-10032
 CVE-2020-10031
 	RESERVED
 CVE-2020-10030 (An issue has been found in PowerDNS Recursor 4.1.0 up to and including ...)
-	- pdns-recursor 4.3.1-1
+	- pdns-recursor 4.3.1-1 (unimportant)
 	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-03.html
 	NOTE: https://www.openwall.com/lists/oss-security/2020/05/19/3
+	NOTE: Non exploitable on Linux
 CVE-2020-10029 (The GNU C Library (aka glibc or libc6) before 2.32 could overflow an o ...)
 	- glibc 2.30-1 (bug #953108)
 	[buster] - glibc <no-dsa> (Minor issue)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[21 May 2020] DSA-4691-1 pdns-recursor - security update
+	{CVE-2020-10955 CVE-2020-12244}
+	[buster] - pdns-recursor 4.1.11-1+deb10u1
 [20 May 2020] DSA-4690-1 dovecot - security update
 	{CVE-2020-10957 CVE-2020-10958 CVE-2020-10967}
 	[buster] - dovecot 1:2.3.4.1-5+deb10u2


=====================================
data/dsa-needed.txt
=====================================
@@ -32,8 +32,6 @@ netqmail
 nss/oldstable (jmm)
   Roberto proposed an update including fixes for CVE-2018-12404 and CVE-2018-18508
 --
-pdns-recursor (jmm)
---
 php7.0/oldstable
 --
 php7.3/stable



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fa52acc748a7e0401fcbcfc20e1db595be509c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fa52acc748a7e0401fcbcfc20e1db595be509c3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200521/f4809a6e/attachment.html>


More information about the debian-security-tracker-commits mailing list