diff options
| author | Markus Koschany <apo@debian.org> | 2024-04-26 07:35:06 +0200 |
|---|---|---|
| committer | Markus Koschany <apo@debian.org> | 2024-04-26 07:35:06 +0200 |
| commit | d58a13559c87c505e23427b90a9de979336e05e2 (patch) | |
| tree | 3e4cdb8cc0cb78154f097c5a3b38f59076705e2f | |
| parent | 6713020fa60d3e2a5a1bebb7199840a5cbca4e0e (diff) | |
Reserve DLA-3795-1 for knot-resolver
| -rw-r--r-- | data/CVE/list | 4 | ||||
| -rw-r--r-- | data/DLA/list | 3 | ||||
| -rw-r--r-- | data/dla-needed.txt | 5 |
3 files changed, 3 insertions, 9 deletions
diff --git a/data/CVE/list b/data/CVE/list index 02b253b940..647aa6fef6 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -294164,7 +294164,6 @@ CVE-2020-12668 (Jinjava before 2.5.4 allow access to arbitrary classes by callin NOT-FOR-US: Jinjava CVE-2020-12667 (Knot Resolver before 5.1.1 allows traffic amplification via a crafted ...) - knot-resolver 5.1.1-0.1 (bug #961076) - [buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release) NOTE: https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/ NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/54f05e4d7b2e47c0bdd30b84272fc503cc65304b NOTE: commit: https://gitlab.labs.nic.cz/knot/knot-resolver/-/commit/ba7b89db780fe3884b4e90090318e25ee5afb118 @@ -325401,7 +325400,6 @@ CVE-2019-19332 (An out-of-bounds memory write issue was found in the Linux Kerne NOTE: https://git.kernel.org/linus/433f4ba1904100da65a311033f17a9bf586b287e CVE-2019-19331 (knot-resolver before version 4.3.0 is vulnerable to denial of service ...) - knot-resolver 5.0.1-1 (bug #946181) - [buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release) NOTE: https://www.openwall.com/lists/oss-security/2019/12/04/4 CVE-2019-19329 (In Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-0 ...) NOT-FOR-US: Wikibase Wikidata Query Service GUI @@ -356412,13 +356410,11 @@ CVE-2019-10192 (A heap-buffer overflow vulnerability was found in the Redis hype NOTE: https://github.com/antirez/redis/commit/7f79849caa006f0d760b6c7e17f7796e3be92b4f (5.0.4) CVE-2019-10191 (A vulnerability was discovered in DNS resolver of knot resolver before ...) - knot-resolver 5.0.1-1 (bug #932048) - [buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release) NOTE: https://www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html NOTE: https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/839 NOTE: https://www.openwall.com/lists/oss-security/2019/07/14/1 CVE-2019-10190 (A vulnerability was discovered in DNS resolver component of knot resol ...) - knot-resolver 5.0.1-1 (bug #932048) - [buster] - knot-resolver <no-dsa> (Minor issue; can be fixed via point release) NOTE: https://www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html NOTE: https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/827 NOTE: https://www.openwall.com/lists/oss-security/2019/07/14/1 diff --git a/data/DLA/list b/data/DLA/list index 3b464cc0f3..f9fc72a722 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[26 Apr 2024] DLA-3795-1 knot-resolver - security update + {CVE-2019-10190 CVE-2019-10191 CVE-2019-19331 CVE-2020-12667} + [buster] - knot-resolver 3.2.1-3+deb10u2 [25 Apr 2024] DLA-3794-1 putty - security update {CVE-2020-14002 CVE-2021-36367 CVE-2023-48795 CVE-2019-17069} [buster] - putty 0.74-1+deb11u1~deb10u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index c708eb2659..17e6180a9f 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -124,11 +124,6 @@ jenkins-htmlunit-core-js NOTE: 20231231: … TransformerFactory without setting the ~secure flag, so it may NOTE: 20231231: … indeed be vulnerable. (lamby) -- -knot-resolver - NOTE: 20231029: Added by Front-Desk (gladk) - NOTE: 20240310: Dropped from dla-needed.txt (ola/front-desk) - NOTE: 20240311: Reverted decision to remove from dla-needed since four CVEs has been fixed in bullseye. (ola) --- less (Abhijith PA) NOTE: 20240418: Added by Front-Desk (apo) -- |