[SECURITY] [DSA 5633-1] knot-resolver security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5633-1] knot-resolver security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Tue, 27 Feb 2024 21:35:50 +0000
Message-id: <[🔎] Zd5VtpAEdYCpGHJ0@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5633-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 27, 2024                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : knot-resolver
CVE ID         : CVE-2023-46317 CVE-2023-50387 CVE-2023-50868

It was discovered that malformed DNSSEC records within a DNS zone could
result in denial of service against Knot Resolver, a caching, DNSSEC-
validating DNS resolver.

For the stable distribution (bookworm), these problems have been fixed in
version 5.6.0-1+deb12u1.

We recommend that you upgrade your knot-resolver packages.

For the detailed security status of knot-resolver please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/knot-resolver

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmXeVDMACgkQEMKTtsN8
TjZ+PA//danYWvHrMi+Bo5EZHFBRrUHi6lCIE3jW/Nt+qEkZdJ17QV2rvGoiTtrx
JQmt8PjlJxMG28Vyw6O8SIOzLgKivqR2FazvQ9XWFm+8VEAfB+mWjYjyQAgJ/T9C
RPoo1lbrc6NFgZzBtz3gTN7H/Q0sdSWWTATvCAJfGXujToMA3oJjrNvidla8prE3
zkMSGHvZyaP21iyn7cPmE9VOK628R13VOo6gKne+Wf9NDqJ7MnwE1lBFjqo7E/ah
soWDGPYNe2MxNi5S76XINU7NRDyibDCN+vmF6KPb66cBN5HkChlEFejd/5qsCjWq
IMWMrfYNvcttvTkx73D7jVHKEkV/EaxoNVVXvzeSTGdsjvt/1ySQrK3uhWrpFQ4a
72B5Oxtuk6NRCjFV9rJkoTfZ1SCpms+OVoG4nwVHxGfZGZefJ5O7u2q9r2r4HD4d
5Bv+F+d+ey9ZCtHN2qL9AfBWapxdsGLAnb8r5Sp9HQQtMsm2o2XDD6dvJ/TF8g6k
ukROl796cUPU5j1mR+/voPBaMhZoLDpFtBCmmQ0it+bDrIBYUxxkgZHG/h/M25sc
GYwB4hzob1psHZvvuUAtT+l6+/WHTlKqTmOVgJ0/J3f+RKtihK5obqGS3VYXHsCe
tlWG79kejlzm6HlIISRANCZ6AtcpR1Ao3GBXYPnwL3xs4R7qvLU=
=QRSI
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5631-1] iwd security update
Next by Date: [SECURITY] [DSA 5634-1] chromium security update
Previous by thread: [SECURITY] [DSA 5631-1] iwd security update
Next by thread: [SECURITY] [DSA 5634-1] chromium security update
Index(es):
- Date
- Thread