[Git][security-tracker-team/security-tracker][master] Reserve DLA-3371-1 for unbound
Markus Koschany (@apo)
apo at debian.org
Wed Mar 29 13:46:55 BST 2023
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
08d0cf16 by Markus Koschany at 2023-03-29T14:46:34+02:00
Reserve DLA-3371-1 for unbound
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45401,7 +45401,6 @@ CVE-2022-3205 (Cross site scripting in automation controller UI in Red Hat Ansib
CVE-2022-3204 (A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation ...)
- unbound 1.16.3-1
[bullseye] - unbound <no-dsa> (Minor issue)
- [buster] - unbound <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/137719522a8ea5b380fbb6206d2466f402f5b554 (release-1.16.3)
CVE-2022-3203 (On ORing net IAP-420(+) with FW version 2.0m a telnet server is enable ...)
@@ -72626,13 +72625,11 @@ CVE-2022-30700 (An incorrect permission assignment vulnerability in Trend Micro
CVE-2022-30699 (NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable ...)
- unbound 1.16.2-1 (bug #1016493)
[bullseye] - unbound <no-dsa> (Minor issue)
- [buster] - unbound <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt
NOTE: https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68 (release-1.16.2)
CVE-2022-30698 (NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable t ...)
- unbound 1.16.2-1 (bug #1016493)
[bullseye] - unbound <no-dsa> (Minor issue)
- [buster] - unbound <no-dsa> (Minor issue)
NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt
NOTE: https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68 (release-1.16.2)
CVE-2022-30697 (Local privilege escalation due to insecure folder permissions. The fol ...)
@@ -177587,7 +177584,6 @@ CVE-2020-28935 (NLnet Labs Unbound, up to and including version 1.12.0, and NLne
[buster] - nsd <no-dsa> (Minor issue)
[stretch] - nsd <no-dsa> (Minor issue)
- unbound 1.13.0-1 (bug #977165)
- [buster] - unbound <no-dsa> (Minor issue)
[stretch] - unbound <end-of-life> (DSA 4694-1)
NOTE: https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt
NOTE: https://github.com/NLnetLabs/nsd/commit/a4caec3137a1bc9eca05d38d66e2bce572ca9bd3 (NSD_4_3_4_RC1)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Mar 2023] DLA-3371-1 unbound - security update
+ {CVE-2020-28935 CVE-2022-3204 CVE-2022-30698 CVE-2022-30699}
+ [buster] - unbound 1.9.0-2+deb10u3
[28 Mar 2023] DLA-3370-1 xrdp - security update
{CVE-2022-23468 CVE-2022-23478 CVE-2022-23479 CVE-2022-23483 CVE-2022-23484 CVE-2022-23493}
[buster] - xrdp 0.9.9-1+deb10u2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d0cf1687b31ab3b4b124a9021b7b9a787c9b2c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d0cf1687b31ab3b4b124a9021b7b9a787c9b2c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230329/01acda57/attachment.htm>
More information about the debian-security-tracker-commits
mailing list