| Release | Version |
|---|---|
| buster | 3.2.1-3+deb10u2 |
| bullseye | 5.3.1-1+deb11u1 |
| bookworm | 5.6.0-1+deb12u1 |
| trixie | 5.7.4-2 |
| sid | 5.7.4-2 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2023-50868 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 whe ... |
| CVE-2023-50387 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6 ... |
| CVE-2023-46317 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Knot Resolver before 5.7.0 performs many TCP reconnections upon receiv ... |
| CVE-2023-26249 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Knot Resolver before 5.6.0 enables attackers to consume its resources, ... |
| CVE-2022-40188 | fixed | vulnerable (no DSA) | fixed | fixed | fixed | Knot Resolver before 5.5.3 allows remote attackers to cause a denial o ... |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2022-32983 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Knot Resolver through 5.5.1 may allow DNS cache poisoning when there i ... |
| Bug | Description |
|---|---|
| CVE-2021-40083 | Knot Resolver before 5.3.2 is prone to an assertion failure, triggerab ... |
| CVE-2020-12667 | Knot Resolver before 5.1.1 allows traffic amplification via a crafted ... |
| CVE-2019-19331 | knot-resolver before version 4.3.0 is vulnerable to denial of service ... |
| CVE-2019-10191 | A vulnerability was discovered in DNS resolver of knot resolver before ... |
| CVE-2019-10190 | A vulnerability was discovered in DNS resolver component of knot resol ... |
| CVE-2018-1000002 | Improper input validation bugs in DNSSEC validators components in Knot ... |
| CVE-2018-10920 | Improper input validation bug in DNS resolver component of Knot Resolv ... |
| CVE-2018-1110 | A flaw was found in knot-resolver before version 2.3.0. Malformed DNS ... |
| DSA / DLA | Description |
|---|---|
| DLA-3795-1 | knot-resolver - security update |
| DSA-5633-1 | knot-resolver - security update |
| DLA-3139-1 | knot-resolver - security update |