[Git][security-tracker-team/security-tracker][master] Reserve DLA-3371-1 for unbound

Wed, 29 Mar 2023 05:47:03 -0700 


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
08d0cf16 by Markus Koschany at 2023-03-29T14:46:34+02:00
Reserve DLA-3371-1 for unbound

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45401,7 +45401,6 @@ CVE-2022-3205 (Cross site scripting in automation 
controller UI in Red Hat Ansib
 CVE-2022-3204 (A vulnerability named 'Non-Responsive Delegation Attack' 
(NRDelegation ...)
        - unbound 1.16.3-1
        [bullseye] - unbound <no-dsa> (Minor issue)
-       [buster] - unbound <no-dsa> (Minor issue)
        NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
        NOTE: Fixed by: 
https://github.com/NLnetLabs/unbound/commit/137719522a8ea5b380fbb6206d2466f402f5b554
 (release-1.16.3)
 CVE-2022-3203 (On ORing net IAP-420(+) with FW version 2.0m a telnet server is 
enable ...)
@@ -72626,13 +72625,11 @@ CVE-2022-30700 (An incorrect permission assignment 
vulnerability in Trend Micro
 CVE-2022-30699 (NLnet Labs Unbound, up to and including version 1.16.1, is 
vulnerable  ...)
        - unbound 1.16.2-1 (bug #1016493)
        [bullseye] - unbound <no-dsa> (Minor issue)
-       [buster] - unbound <no-dsa> (Minor issue)
        NOTE: 
https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt
        NOTE: 
https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68
 (release-1.16.2)
 CVE-2022-30698 (NLnet Labs Unbound, up to and including version 1.16.1 is 
vulnerable t ...)
        - unbound 1.16.2-1 (bug #1016493)
        [bullseye] - unbound <no-dsa> (Minor issue)
-       [buster] - unbound <no-dsa> (Minor issue)
        NOTE: 
https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt
        NOTE: 
https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68
 (release-1.16.2)
 CVE-2022-30697 (Local privilege escalation due to insecure folder permissions. 
The fol ...)
@@ -177587,7 +177584,6 @@ CVE-2020-28935 (NLnet Labs Unbound, up to and 
including version 1.12.0, and NLne
        [buster] - nsd <no-dsa> (Minor issue)
        [stretch] - nsd <no-dsa> (Minor issue)
        - unbound 1.13.0-1 (bug #977165)
-       [buster] - unbound <no-dsa> (Minor issue)
        [stretch] - unbound <end-of-life> (DSA 4694-1)
        NOTE: https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt
        NOTE: 
https://github.com/NLnetLabs/nsd/commit/a4caec3137a1bc9eca05d38d66e2bce572ca9bd3
 (NSD_4_3_4_RC1)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Mar 2023] DLA-3371-1 unbound - security update
+       {CVE-2020-28935 CVE-2022-3204 CVE-2022-30698 CVE-2022-30699}
+       [buster] - unbound 1.9.0-2+deb10u3
 [28 Mar 2023] DLA-3370-1 xrdp - security update
        {CVE-2022-23468 CVE-2022-23478 CVE-2022-23479 CVE-2022-23483 
CVE-2022-23484 CVE-2022-23493}
        [buster] - xrdp 0.9.9-1+deb10u2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d0cf1687b31ab3b4b124a9021b7b9a787c9b2c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d0cf1687b31ab3b4b124a9021b7b9a787c9b2c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to