Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4ce94f22 by Salvatore Bonaccorso at 2025-05-20T22:45:56+02:00
Add CVE-2025-30193/dnsdist
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -87,7 +87,11 @@ CVE-2025-40634 (Stack-based buffer overflow vulnerability in
the 'conn-indicator
CVE-2025-40633 (A Stored Cross-Site Scripting (XSS) vulnerability has been
found in K ...)
TODO: check
CVE-2025-30193 (In some circumstances, when DNSdist is configured to allow an
unlimite ...)
- TODO: check
+ - dnsdist <unfixed>
+ NOTE:
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-03.html
+ NOTE: https://github.com/PowerDNS/pdns/pull/15572
+ NOTE: Fixed by:
https://github.com/PowerDNS/pdns/commit/096c0fc0c015e80f815eb99aea1bc0eca28cb269
(dnsdist-1.9.10)
+ NOTE: Fixed by:
https://github.com/PowerDNS/pdns/commit/3a2a8dfdf0d9e43ba13973d31e3c6fb2da228099
(dnsdist-1.9.10)
CVE-2025-26086 (An unauthenticated blind SQL injection vulnerability exists in
RSI Que ...)
NOT-FOR-US: RSI Queue Management System
CVE-2025-22157 (This High severity PrivEsc (Privilege Escalation)
vulnerability was in ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ce94f2209a0efe018cdd3eed6aa52ff2f564460
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ce94f2209a0efe018cdd3eed6aa52ff2f564460
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
