Summary: | net-dns/knot: Downgrade attack on DNSSEC-secure domains (CVE-2019-10191) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | nemunaire, proxy-maint |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Sam James
2020-03-03 13:44:02 UTC
Hi @sam_c! This CVE refers to the project knot-resolver (https://www.knot-resolver.cz/ // https://gitlab.labs.nic.cz/knot/knot-resolver // https://repology.org/project/knot-resolver) but we haven't any ebuild for it, yet. Ebuilds 'net-dns/knot' is for the project knot-dns (https://www.knot-dns.cz/ // https://gitlab.labs.nic.cz/knot/knot-dns // https://repology.org/project/knot). Both projects shares the libknot and are made by the same people, but knot-dns is the authoritative server (like 'net-dns/nsd') and knot-resolver is the domain name resolver (like 'net-dns/unbound'). Please mark this bug as INVALID. (In reply to Pierre-Olivier Mercier from comment #1) > Hi @sam_c! > > This CVE refers to the project knot-resolver (https://www.knot-resolver.cz/ > // https://gitlab.labs.nic.cz/knot/knot-resolver // > https://repology.org/project/knot-resolver) but we haven't any ebuild for > it, yet. > > Ebuilds 'net-dns/knot' is for the project knot-dns (https://www.knot-dns.cz/ > // https://gitlab.labs.nic.cz/knot/knot-dns // > https://repology.org/project/knot). > > Both projects shares the libknot and are made by the same people, but > knot-dns is the authoritative server (like 'net-dns/nsd') and knot-resolver > is the domain name resolver (like 'net-dns/unbound'). > > Please mark this bug as INVALID. Thank you! Apologies for the mixup. |