
Re: sad dns



	Hi.

On Fri, Dec 04, 2020 at 12:13:02PM +0100, mj wrote:
> I am wondering about the SAD DNS vulnerability, and whether or not it is solved in up-to-date Debian 10.6.
> https://blog.kernelcare.com/vulnerability/kernelcare-patches-for-sad-dns-are-on-the-way
> It says, bottom of the page, that fixes are scheduled for week 48 for Debian and Ubuntu.
> However, I haven't seen any kernel updates.
> Anyone with more information? (or pointers where to look for more debian-specific info)

CVE-2020-25705 was fixed in upstream kernel 4.19.153, and stable kind of got
this version (you have to know where to look for it):

linux (4.19.160-1) buster; urgency=medium
  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153
    - icmp: randomize the global rate limiter (CVE-2020-25705)
...
 -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 26 Nov 2020 21:23:20 +0100

Currently this kernel version sits in stable-proposed-updates.

Reco
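
An added example, not part of the message above: a small shell function that reads a Debian changelog on stdin and reports which package version and suite first mention a given CVE, which is the lookup the reply describes. The names `cve_fixed_in` and `sample_changelog` are hypothetical, and the sample input is constructed from the entry quoted in the message plus a made-up entry for contrast.

```shell
#!/bin/sh
# cve_fixed_in CVE-ID < changelog
# Prints "version suite" for every changelog entry whose body mentions CVE-ID.
cve_fixed_in() {
    awk -v cve="$1" '
        # Entry header: "package (version) suite; urgency=level"
        /^[a-z0-9][a-z0-9+.-]* \([^)]+\) / {
            ver = $2; gsub(/[()]/, "", ver)
            suite = $3; sub(/;$/, "", suite)
            seen = 0
            next
        }
        # Body line naming the CVE. The digit check stops a shorter id
        # (e.g. CVE-2020-2570) from matching a longer one by prefix.
        (i = index($0, cve)) && substr($0, i + length(cve), 1) !~ /[0-9]/ \
            && ver != "" && !seen {
            print ver, suite
            seen = 1
        }
    '
}

# Constructed sample input: the entry quoted in the message, followed by a
# made-up entry (placeholder version and maintainer) that has no CVE reference.
sample_changelog() {
cat <<'EOF'
linux (4.19.160-1) buster; urgency=medium

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.153
    - icmp: randomize the global rate limiter (CVE-2020-25705)

 -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 26 Nov 2020 21:23:20 +0100

linux (0.0.0-1) unstable; urgency=medium

  * Placeholder entry (constructed), no CVE reference.

 -- Example Maintainer <maintainer@example.org>  Wed, 01 Jan 2020 00:00:00 +0000
EOF
}

sample_changelog | cve_fixed_in CVE-2020-25705
```

The function only reads stdin, so it can be fed any Debian-format changelog text for the kernel package you want to check.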

