Summary: | <net-dns/knot-{2.4.5, 2.5.2}: bypass the TSIG authentication | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Christopher Díaz Riveros (RETIRED) <chrisadr> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | jstein, maintainer-needed, nemunaire, ondrej, proxy-maint |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11104 | ||
Whiteboard: | ~3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Christopher Díaz Riveros (RETIRED)
2017-07-08 13:40:45 UTC
Ping Maintainer, could you please confirm that the bug is fixed in the tree? It seems that the bug was fixed in the next version (2.5.3 is the latest stable version right now) and the tree has 2.5.2 Thanks Unfortunately we had to drop the maintainer. Hi, Indeed, this bug is fixed in the tree. There are only 2.4.5 and 2.5.3 versions in tree (which both include fix in upstream tarball). (In reply to Pierre-Olivier Mercier from comment #3) > Hi, > > Indeed, this bug is fixed in the tree. There are only 2.4.5 and 2.5.3 > versions in tree (which both include fix in upstream tarball). Thank you for the info. @Security I dropped to ~3 since there are no stable versions in the tree. Could you please confirm to be able to close de report? Thanks Gentoo Security Padawan ChrisADR |