[Git][security-tracker-team/security-tracker][master] Reserve DSA number for bind9 update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 25 22:50:01 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
efeaf0aa by Salvatore Bonaccorso at 2024-07-25T23:49:17+02:00
Reserve DSA number for bind9 update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -353,6 +353,7 @@ CVE-2024-1737 (Resolver caches and authoritative zone databases that hold signif
 	NOTE: RRset limits in zones: https://kb.isc.org/docs/rrset-limits-in-zones
 CVE-2024-0760 (A malicious client can send many DNS messages over TCP, potentially ca ...)
 	- bind9 1:9.20.0-1
+	[bookworm] - bind9 1:9.18.28-1~deb12u1
 	[bullseye] - bind9 <not-affected> (Vulnerable code introduced in 9.18 branch)
 	NOTE: https://kb.isc.org/docs/cve-2024-0760
 CVE-2024-6913 (Execution with unnecessary privileges in PerkinElmer ProcessPlus allow ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[25 Jul 2024] DSA-5734-1 bind9 - security update
+	{CVE-2024-1737 CVE-2024-1975 CVE-2024-4076}
+	[bullseye] - bind9 1:9.16.50-1~deb11u1
+	[bookworm] - bind9 1:9.18.28-1~deb12u1
 [18 Jul 2024] DSA-5733-1 thunderbird - security update
 	{CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604}
 	[bullseye] - thunderbird 1:115.13.0-1~deb11u1


=====================================
data/dsa-needed.txt
=====================================
@@ -11,9 +11,6 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
---
-bind9 (carnil)
-  Maintainer prepared an update for review and DSA release
 --
 cacti
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efeaf0aa2dee996d13c8960ccd049131990c79de

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efeaf0aa2dee996d13c8960ccd049131990c79de
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240725/9febcd44/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list