Author: carnil Date: 2017-11-27 18:06:10 +0000 (Mon, 27 Nov 2017) New Revision: 58055
Modified: data/CVE/list Log: Add additional references for pdns/pdns-recursor issues Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-27 18:04:16 UTC (rev 58054) +++ data/CVE/list 2017-11-27 18:06:10 UTC (rev 58055) @@ -6300,12 +6300,14 @@ [jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0) [wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0) NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-07.html + NOTE: https://downloads.powerdns.com/patches/2017-07/ CVE-2017-15093 [Configuration file injection in the API] RESERVED - pdns-recursor <unfixed> [stretch] - pdns-recursor <no-dsa> (Minor issue) [jessie] - pdns-recursor <no-dsa> (Minor issue) NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-06.html + NOTE: https://downloads.powerdns.com/patches/2017-06/ CVE-2017-15092 [Cross-Site Scripting in the web interface] RESERVED - pdns-recursor <unfixed> @@ -6313,12 +6315,14 @@ [jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0) [wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0) NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-05.html + NOTE: https://downloads.powerdns.com/patches/2017-05/ CVE-2017-15091 [Missing check on API operations] RESERVED - pdns <unfixed> [stretch] - pdns <no-dsa> (Minor issue) [jessie] - pdns <no-dsa> (Minor issue) NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2017-04.html + NOTE: https://downloads.powerdns.com/patches/2017-04/ CVE-2017-15090 [Insufficient validation of DNSSEC signatures] RESERVED - pdns-recursor <unfixed> @@ -6326,6 +6330,7 @@ [jessie] - pdns-recursor <not-affected> (Issue introduced in 4.0.0) [wheezy] - pdns-recursor <not-affected> (Issue introduced in 4.0.0) NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-03.html + NOTE: https://downloads.powerdns.com/patches/2017-03/ CVE-2017-15089 RESERVED CVE-2017-15088 (plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits