Information on source package knot-resolver

Available versions

ReleaseVersion
buster3.2.1-3+deb10u2
bullseye5.3.1-1+deb11u1
bookworm5.6.0-1+deb12u1
trixie5.7.4-2
sid5.7.4-2

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-50868vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedThe Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 whe ...
CVE-2023-50387vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedCertain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6 ...
CVE-2023-46317vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedKnot Resolver before 5.7.0 performs many TCP reconnections upon receiv ...
CVE-2023-26249vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedKnot Resolver before 5.6.0 enables attackers to consume its resources, ...
CVE-2022-40188fixedvulnerable (no DSA)fixedfixedfixedKnot Resolver before 5.5.3 allows remote attackers to cause a denial o ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2022-32983vulnerablevulnerablevulnerablevulnerablevulnerableKnot Resolver through 5.5.1 may allow DNS cache poisoning when there i ...

Resolved issues

BugDescription
CVE-2021-40083Knot Resolver before 5.3.2 is prone to an assertion failure, triggerab ...
CVE-2020-12667Knot Resolver before 5.1.1 allows traffic amplification via a crafted ...
CVE-2019-19331knot-resolver before version 4.3.0 is vulnerable to denial of service ...
CVE-2019-10191A vulnerability was discovered in DNS resolver of knot resolver before ...
CVE-2019-10190A vulnerability was discovered in DNS resolver component of knot resol ...
CVE-2018-1000002Improper input validation bugs in DNSSEC validators components in Knot ...
CVE-2018-10920Improper input validation bug in DNS resolver component of Knot Resolv ...
CVE-2018-1110A flaw was found in knot-resolver before version 2.3.0. Malformed DNS ...

Security announcements

DSA / DLADescription
DLA-3795-1knot-resolver - security update
DSA-5633-1knot-resolver - security update
DLA-3139-1knot-resolver - security update

Search for package or bug name: Reporting problems