[Git][security-tracker-team/security-tracker][master] Add new bind9 issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 21 12:29:36 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9acc44f1 by Salvatore Bonaccorso at 2022-09-21T13:29:04+02:00
Add new bind9 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4837,8 +4837,10 @@ CVE-2022-3082
RESERVED
CVE-2022-3081
RESERVED
-CVE-2022-3080
+CVE-2022-3080 [BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly]
RESERVED
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/docs/cve-2022-3080
CVE-2022-3079 (Festo control block CPX-CEC-C1 and CPX-CMXX in multiple versions allow ...)
NOT-FOR-US: Festo
CVE-2022-3078 (An issue was discovered in the Linux kernel through 5.16-rc6. There is ...)
@@ -6731,8 +6733,10 @@ CVE-2022-2907
[experimental] - gitlab 15.2.3+ds1-1
- gitlab <unfixed>
NOTE: https://about.gitlab.com/releases/2022/08/30/critical-security-release-gitlab-15-3-2-released/
-CVE-2022-2906
+CVE-2022-2906 [Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs]
RESERVED
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/docs/cve-2022-2906
CVE-2022-2905 (An out-of-bounds memory read flaw was found in the Linux kernel's BPF ...)
- linux 5.19.6-1
[bullseye] - linux 5.10.140-1
@@ -6950,8 +6954,10 @@ CVE-2022-2883
RESERVED
CVE-2022-2882
RESERVED
-CVE-2022-2881
+CVE-2022-2881 [Buffer overread in statistics channel code]
RESERVED
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/docs/cve-2022-2881
CVE-2022-2880
RESERVED
CVE-2022-2879
@@ -7626,10 +7632,14 @@ CVE-2022-38180 (In JetBrains Ktor before 2.1.0 the wrong authentication provider
NOT-FOR-US: JetBrains Ktor
CVE-2022-38179 (JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Downloa ...)
NOT-FOR-US: JetBrains Ktor
-CVE-2022-38178
+CVE-2022-38178 [Memory leaks in EdDSA DNSSEC verification code]
RESERVED
-CVE-2022-38177
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/docs/cve-2022-38178
+CVE-2022-38177 [Memory leak in ECDSA DNSSEC verification code]
RESERVED
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/docs/cve-2022-38177
CVE-2022-2808
RESERVED
CVE-2022-2807
@@ -7656,8 +7666,10 @@ CVE-2022-2797 (A vulnerability classified as critical was found in SourceCodeste
NOT-FOR-US: SourceCodester Student Information System
CVE-2022-2796 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
NOT-FOR-US: pimcore
-CVE-2022-2795
+CVE-2022-2795 [Processing large delegations may severely degrade resolver performance]
RESERVED
+ - bind9 <unfixed>
+ NOTE: https://kb.isc.org/docs/cve-2022-2795
CVE-2022-38176 (An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect priv ...)
NOT-FOR-US: YSoft
CVE-2022-38175
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9acc44f1b2270c60dd75dddf0d8cb89e4910617e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9acc44f1b2270c60dd75dddf0d8cb89e4910617e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220921/569e24f8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list