[Git][security-tracker-team/security-tracker][master] Reserve DLA-4280-1 for unbound

Guilhem Moulin (@guilhem) guilhem at debian.org
Sun Aug 24 21:17:34 BST 2025 


Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0252158 by Guilhem Moulin at 2025-08-24T21:27:55+02:00
Reserve DLA-4280-1 for unbound

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -141263,7 +141263,6 @@ CVE-2023-6327 (The ShopLentor (formerly WooLentor) plugin for WordPress is vulne
 CVE-2024-33655 (The DNS protocol in RFC 1035 and updates allows remote attackers to ca ...)
 	- unbound 1.20.0-1
 	[bookworm] - unbound <ignored> (Minor issue, too intrusive to backport)
-	[bullseye] - unbound <ignored> (Minor issue, too intrusive to backport)
 	[buster] - unbound <ignored> (Not affected by DoS, intrusive changes)
 	NOTE: https://nlnetlabs.nl/downloads/unbound/CVE-2024-33655.txt
 	NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/c3206f4568f60c486be6d165b1f2b5b254fea3de (release-1.20.0rc1)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[24 Aug 2025] DLA-4280-1 unbound - security update
+	{CVE-2024-33655 CVE-2025-5994}
+	[bullseye] - unbound 1.13.1-1+deb11u5
 [24 Aug 2025] DLA-4279-1 thunderbird - security update
 	{CVE-2025-9179 CVE-2025-9180 CVE-2025-9181 CVE-2025-9185}
 	[bullseye] - thunderbird 1:128.14.0esr-1~deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -408,9 +408,6 @@ u-boot (dleidert)
   NOTE: 20250601: WIP, patches for CVE-2021-27097 and CVE-2021-27138 prepped, but test fails (dleidert)
   NOTE: 20250629: WIP, problem fixed; testing required before DLA can be released (dleidert)
 --
-unbound (guilhem)
-  NOTE: 20250724: Added by Front-Desk (ta)
---
 wolfssl
   NOTE: 20250807: Added by Front-Desk (rouca)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0252158ddccfbbe1bdb40a937166c61ef4dffec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0252158ddccfbbe1bdb40a937166c61ef4dffec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250824/a6a031cb/attachment.htm>

More information about the debian-security-tracker-commits mailing list