Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8ea23d4e by Salvatore Bonaccorso at 2026-05-20T16:53:48+02:00
Add Debian bug references for unbound issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50,37 +50,37 @@ CVE-2026-3593 [Fix use-after-free error in DNS-over-HTTPS
when processing HTTP/2
- bind9 1:9.20.23-1
NOTE: https://kb.isc.org/docs/cve-2026-3593
CVE-2026-44608 [Use after free and crash in RPZ code (special requirements
apply)]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-44390 [Unbounded name compression in certain cases causes degradation
of service]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-42960 [Possible cache poisoning attack while following delegation]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-42923 [Degradation of service with unbounded NSEC3 hash calculations]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-42534 [Jostle logic bypass degrades resolution performance]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-41292 [Parsing a long list of incoming EDNS options degrades
performance]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-40622 ["Ghost domain name" variant]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-32792 [Packet of death with DNSCrypt (feasibility very low]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-42959 [Crash during DNSSEC validation of malicious content]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-42944 [Heap overflow and crash with multiple nsid, cookie, padding
EDNS options]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-33278 [Possible arbitrary code execution during DNSSEC validation]
- - unbound <unfixed>
+ - unbound <unfixed> (bug #1137187)
NOTE: https://www.openwall.com/lists/oss-security/2026/05/20/5
CVE-2026-9057 (A broken access control issue has been identified in the Talend
Admini ...)
NOT-FOR-US: Talend Administration Center
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ea23d4ede58f278682bbe209c86d462496f3a08
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ea23d4ede58f278682bbe209c86d462496f3a08
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
