Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 08d0cf16 by Markus Koschany at 2023-03-29T14:46:34+02:00 Reserve DLA-3371-1 for unbound - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: ===================================== data/CVE/list ===================================== @@ -45401,7 +45401,6 @@ CVE-2022-3205 (Cross site scripting in automation controller UI in Red Hat Ansib CVE-2022-3204 (A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation ...) - unbound 1.16.3-1 [bullseye] - unbound <no-dsa> (Minor issue) - [buster] - unbound <no-dsa> (Minor issue) NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/137719522a8ea5b380fbb6206d2466f402f5b554 (release-1.16.3) CVE-2022-3203 (On ORing net IAP-420(+) with FW version 2.0m a telnet server is enable ...) @@ -72626,13 +72625,11 @@ CVE-2022-30700 (An incorrect permission assignment vulnerability in Trend Micro CVE-2022-30699 (NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable ...) - unbound 1.16.2-1 (bug #1016493) [bullseye] - unbound <no-dsa> (Minor issue) - [buster] - unbound <no-dsa> (Minor issue) NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt NOTE: https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68 (release-1.16.2) CVE-2022-30698 (NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable t ...) - unbound 1.16.2-1 (bug #1016493) [bullseye] - unbound <no-dsa> (Minor issue) - [buster] - unbound <no-dsa> (Minor issue) NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt NOTE: https://github.com/NLnetLabs/unbound/commit/f6753a0f1018133df552347a199e0362fc1dac68 (release-1.16.2) CVE-2022-30697 (Local privilege escalation due to insecure folder permissions. The fol ...) @@ -177587,7 +177584,6 @@ CVE-2020-28935 (NLnet Labs Unbound, up to and including version 1.12.0, and NLne [buster] - nsd <no-dsa> (Minor issue) [stretch] - nsd <no-dsa> (Minor issue) - unbound 1.13.0-1 (bug #977165) - [buster] - unbound <no-dsa> (Minor issue) [stretch] - unbound <end-of-life> (DSA 4694-1) NOTE: https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt NOTE: https://github.com/NLnetLabs/nsd/commit/a4caec3137a1bc9eca05d38d66e2bce572ca9bd3 (NSD_4_3_4_RC1) ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[29 Mar 2023] DLA-3371-1 unbound - security update + {CVE-2020-28935 CVE-2022-3204 CVE-2022-30698 CVE-2022-30699} + [buster] - unbound 1.9.0-2+deb10u3 [28 Mar 2023] DLA-3370-1 xrdp - security update {CVE-2022-23468 CVE-2022-23478 CVE-2022-23479 CVE-2022-23483 CVE-2022-23484 CVE-2022-23493} [buster] - xrdp 0.9.9-1+deb10u2 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d0cf1687b31ab3b4b124a9021b7b9a787c9b2c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d0cf1687b31ab3b4b124a9021b7b9a787c9b2c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits