After fixing this bug, we’ll need to rebuild the following binaries: golang-github-hashicorp-consul-dev golang-github-hashicorp-mdns-dev golang-github-xenolf-lego-dev docker.io prometheus-blackbox-exporter coyim rawdns goiardi prometheus dnss kubernetes-client golang-dns-dev golang-github-hashicorp-memberlist-dev golang-github-skynetservices-skydns-dev
On Mon, Jan 29, 2018 at 8:57 PM, Salvatore Bonaccorso <car...@debian.org> wrote: > Source: golang-github-miekg-dns > Version: 0.0~git20161018.0.58f52c5-1 > Severity: important > Tags: patch security upstream > > Hi, > > the following vulnerability was published for golang-github-miekg-dns. > > CVE-2017-15133[0]: > | A denial of service flaw was found in miekg-dns before 1.0.4. A remote > | attacker could use carefully timed TCP packets to block the DNS server > | from accepting new connections. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2017-15133 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15133 > [1] https://github.com/miekg/dns/issues/627 > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore > > _______________________________________________ > Pkg-go-maintainers mailing list > Pkg-go-maintainers@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-go-maintainers > -- Best regards, Michael
_______________________________________________ Pkg-go-maintainers mailing list Pkg-go-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-go-maintainers