[Git][security-tracker-team/security-tracker][master] Mark (for now) knot-resolver all no-dsa and drop it from dsa-needed

Salvatore Bonaccorso carnil at debian.org
Sun Apr 18 19:32:59 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b2b711e7 by Salvatore Bonaccorso at 2021-04-18T20:27:43+02:00
Mark (for now) knot-resolver all no-dsa and drop it from dsa-needed

Arguably still at least the NXNSAttack issue would be DSA worthy, but
enough time has passed that it matters less if it now takes 1 week
or 4 to address the issue in buster. Furthermore there was discussion if
knot-resolver is actually sustainable in buster in the present version
and usable enough.

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -73019,6 +73019,7 @@ CVE-2020-12668 (Jinjava before 2.5.4 allow access to arbitrary classes by callin
 	NOT-FOR-US: Jinjava
 CVE-2020-12667 (Knot Resolver before 5.1.1 allows traffic amplification via a crafted  ...)
 	- knot-resolver 5.1.1-0.1 (bug #961076)
+	[buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/
 	NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/54f05e4d7b2e47c0bdd30b84272fc503cc65304b
 	NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/ba7b89db780fe3884b4e90090318e25ee5afb118
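Review bot: the reason on the added [buster] line for CVE-2020-12667, "Minor issue; can be fixed via point release", does not match the commit message, which says the NXNSAttack issue would arguably still be DSA worthy and that the marking is only "for now". Suggest recording the actual rationale in the reason text or in a NOTE line under this entry (time elapsed, open question of whether knot-resolver is sustainable in buster), so that a later reader of data/CVE/list does not take the marking as a severity assessment.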
@@ -104064,6 +104065,7 @@ CVE-2019-19332 (An out-of-bounds memory write issue was found in the Linux Kerne
 	NOTE: https://git.kernel.org/linus/433f4ba1904100da65a311033f17a9bf586b287e
 CVE-2019-19331 (knot-resolver before version 4.3.0 is vulnerable to denial of service  ...)
 	- knot-resolver 5.0.1-1 (bug #946181)
+	[buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/04/4
 CVE-2019-19329 (In Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-0 ...)
 	NOT-FOR-US: Wikibase Wikidata Query Service GUI
@@ -135031,11 +135033,13 @@ CVE-2019-10192 (A heap-buffer overflow vulnerability was found in the Redis hype
 	NOTE: https://github.com/antirez/redis/commit/7f79849caa006f0d760b6c7e17f7796e3be92b4f (5.0.4)
 CVE-2019-10191 (A vulnerability was discovered in DNS resolver of knot resolver before ...)
 	- knot-resolver 5.0.1-1 (bug #932048)
+	[buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html
 	NOTE: https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/839
 	NOTE: https://www.openwall.com/lists/oss-security/2019/07/14/1
 CVE-2019-10190 (A vulnerability was discovered in DNS resolver component of knot resol ...)
 	- knot-resolver 5.0.1-1 (bug #932048)
+	[buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html
 	NOTE: https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/827
 	NOTE: https://www.openwall.com/lists/oss-security/2019/07/14/1


=====================================
data/dsa-needed.txt
=====================================
@@ -16,9 +16,6 @@ chromium
 --
 condor
 --
-knot-resolver
-  Santiago Ruano Rincón proposed a debdiff for review
---
 libhibernate3-java
 --
 linux (carnil)
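Review bot: removing the knot-resolver entry also removes the line "Santiago Ruano Rincón proposed a debdiff for review", which is the only pointer in these two files to the pending fix. Since the new [buster] lines in data/CVE/list say the issues can be fixed via point release, consider carrying a reference to that debdiff into a NOTE under those entries so the proposed work stays discoverable.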



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2b711e73d45e7cf1cf48091b8d1e80159a639b4
