[Git][security-tracker-team/security-tracker][master] Add new bind9 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8a54b3df by Salvatore Bonaccorso at 2026-05-20T13:00:38+02:00
Add new bind9 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2026-3592 [Limit resolver server list size]
+	- bind9 1:9.20.23-1
+CVE-2026-3039 [Fix GSS-API resource leak]
+	- bind9 1:9.20.23-1
+CVE-2026-5946 [Disable recursion, UPDATE, and NOTIFY for non-IN views]
+	- bind9 1:9.20.23-1
+CVE-2026-5950 [Avoid unbounded recursion loop]
+	- bind9 1:9.20.23-1
+CVE-2026-5947 [Fix crash in resolver when SIG(0)-signed responses are received under load]
+	- bind9 1:9.20.23-1
+CVE-2026-3593 [Fix use-after-free error in DNS-over-HTTPS when processing HTTP/2 SETTINGS frames]
+	- bind9 1:9.20.23-1
 CVE-2026-44608 [Use after free and crash in RPZ code (special requirements apply)]
 	- unbound <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a54b3df3ba9bbf80a925b7c2dc73df54f860638

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a54b3df3ba9bbf80a925b7c2dc73df54f860638
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260520/b67f0096/attachment.htm>