[Git][security-tracker-team/security-tracker][master] knot-resolver DSA
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Feb 27 21:27:18 GMT 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b864b19c by Moritz Mühlenhoff at 2024-02-27T22:26:07+01:00
knot-resolver DSA
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3445,6 +3445,7 @@ CVE-2023-50387 (Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4
- bind9 1:9.19.21-1
- dnsmasq 2.90-1
- knot-resolver 5.7.1-1
+ [bullseye] - knot-resolver <ignored> (Too intrusive to backport, if DNSSEC is used Bookworm can be used)
- pdns-recursor 4.9.3-1 (bug #1063852)
- unbound 1.19.1-1 (bug #1063845)
- systemd <unfixed>
@@ -3472,6 +3473,7 @@ CVE-2023-50868 (The Closest Encloser Proof aspect of the DNS protocol (in RFC 51
- bind9 1:9.19.21-1
- dnsmasq 2.90-1
- knot-resolver 5.7.1-1
+ [bullseye] - knot-resolver <ignored> (Too intrusive to backport, if DNSSEC is used Bookworm can be used)
- pdns-recursor 4.9.3-1 (bug #1063852)
- unbound 1.19.1-1 (bug #1063845)
- systemd <unfixed>
@@ -24037,7 +24039,6 @@ CVE-2023-46319 (WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows un
NOT-FOR-US: WALLIX Bastion
CVE-2023-46317 (Knot Resolver before 5.7.0 performs many TCP reconnections upon receiv ...)
- knot-resolver 5.7.0-1
- [bookworm] - knot-resolver <no-dsa> (Minor issue)
[bullseye] - knot-resolver <no-dsa> (Minor issue)
NOTE: https://www.knot-resolver.cz/2023-08-22-knot-resolver-5.7.0.html
NOTE: https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1448
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Feb 2024] DSA-5633-1 knot-resolver - security update
+ {CVE-2023-46317 CVE-2023-50387 CVE-2023-50868}
+ [bookworm] - knot-resolver 5.6.0-1+deb12u1
[26 Feb 2024] DSA-5632-1 composer - security update
{CVE-2024-24821}
[bullseye] - composer 2.0.9-2+deb11u2
=====================================
data/dsa-needed.txt
=====================================
@@ -30,8 +30,6 @@ gtkwave
--
h2o (jmm)
--
-knot-resolver (jmm)
---
libreswan (jmm)
Maintainer prepared bookworm-security update, but needs work on bullseye-security backports
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b864b19c2f4800fb8ab92c576e94855eccfb4cb9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b864b19c2f4800fb8ab92c576e94855eccfb4cb9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240227/550cd92a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list