Source: dnsdist
Version: 1.1.0-2
Severity: important
Tags: security patch upstream
Hi,
the following vulnerabilities were published for dnsdist, not filling
two bugs individually since 1.1.0 is commont for all affected suites.
CVE-2016-7069[0]:
Crafted backend responses can cause a denial of service
CVE-2017-7557[1]:
Alteration of ACLs via API authentication bypass
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-7069
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7069
[1] https://security-tracker.debian.org/tracker/CVE-2017-7557
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7557
Regards,
Salvatore