Information on source package ldns

Available versions

ReleaseVersion
jessie1.6.17-5
stretch1.7.0-1+deb9u1
buster1.7.0-4
bullseye1.7.1-2
bookworm1.8.3-1
trixie1.8.3-1
sid1.8.3-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2020-19861vulnerablefixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedWhen a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt ...
CVE-2020-19860vulnerablefixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedWhen ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_ ...
CVE-2017-1000232vulnerable (no DSA)fixedfixedfixedfixedfixedfixedA double-free vulnerability in str2host.c in ldns 1.7.0 have unspecifi ...
CVE-2017-1000231vulnerable (no DSA)fixedfixedfixedfixedfixedfixedA double-free vulnerability in parse.c in ldns 1.7.0 have unspecified ...

Resolved issues

BugDescription
CVE-2014-3209The ldns-keygen tool in ldns 1.6.x uses the current umask to set the p ...
CVE-2011-3581Heap-based buffer overflow in the ldns_rr_new_frm_str_internal functio ...
CVE-2009-1086Heap-based buffer overflow in the ldns_rr_new_frm_str_internal functio ...

Security announcements

DSA / DLADescription
DLA-2910-1ldns - security update
DLA-1182-1ldns - security update
DSA-2353-1ldns - buffer overflow
DSA-1795-1ldns - arbitrary code execution
Search for package or bug name: Reporting problems