Bug#751750: pu: package ldns/1.6.13-1+deb7u1

To: Ondřej Surý <ondrej@debian.org>, 751750@bugs.debian.org
Subject: Bug#751750: pu: package ldns/1.6.13-1+deb7u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 19 Jun 2014 13:09:47 +0100
Message-id: <[🔎] 8d1ca3f55564c80d204908b4c1e80fd8@mail.adsl.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 751750@bugs.debian.org
In-reply-to: <[🔎] 20140616094540.28337.64323.reportbug@howl.nic.cz>
References: <[🔎] 20140616094540.28337.64323.reportbug@howl.nic.cz>

Control: tags -1 + confirmed

On 2014-06-16 10:45, Ondřej Surý wrote:

I have prepared security, but non-dsa, update to ldns that creates
private DNSSEC keys with default umask (CVE-2014-3209).

The patch is very simple and it has been prepared by
upstream.

[...]

 ldns (1.6.13-1+deb7u1) stable-security; urgency=medium
 .

* [CVE-2014-3209]: fix ldns-keygen writing private DNSKEYs withdefault

     umask (Closes: #746758)
[...]

It's not a critical issue (hence non-DSA), but it would be nice to
have this fixed in stable.


Please s/stable-security/wheezy/ in the changelog and go ahead; thanks.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#751750: pu: package ldns/1.6.13-1+deb7u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#751750: pu: package ldns/1.6.13-1+deb7u1
  - From: Ondřej Surý <ondrej@debian.org>

Prev by Date: Processed: Re: Bug#751750: pu: package ldns/1.6.13-1+deb7u1
Next by Date: Bug#751978: pu: package xmms2/0.8+dfsg-4+deb7u1
Previous by thread: Processed: Re: Bug#751750: pu: package ldns/1.6.13-1+deb7u1
Next by thread: Bug#751750: pu: package ldns/1.6.13-1+deb7u1
Index(es):
- Date
- Thread