On Sat, Dec 22, 2018 at 01:02:06PM +0530, Abhijith PA wrote: > Hello. > > > I am currently working on pdns and pdns-recursor's security issues > and which are marked as no-DSA, postponed. Last month I picked it up as > I had some time remaining. Upstream patch is available for the remaining > issues(CVE-2018-10851, CVE-2018-14644). Both patches contain C++11 > specific code and I was only able to port CVE-2018-14644. In > CVE-2018-10851 I used 'boost' library's smart pointers to deal with the > default C++11 smart pointers, but I am not quite there. I was wondering > whether anyone here can _help_ me with it. I don't want to spend anymore > time in it as it is not so popular one and it has no-DSA postponed > priority.
The DNSSEC-related bugs were not fixed in a DSA since DNSSEC support in 4.0 isn't production-ready, upstream only deems it fully usable in 4.1. As such you can safely mark them for jessie as <ignored>. Cheers, Moritz