Sicherheit: Zwei Probleme in knot-resolver
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in knot-resolver
ID: FEDORA-2019-fdb50c675d
Distribution: Fedora
Plattformen: Fedora 30
Datum: Fr, 19. Juli 2019, 07:15
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10191
Applikationen: Knot DNS


Fedora Update Notification
2019-07-19 01:10:17.414885

Name : knot-resolver
Product : Fedora 30
Version : 4.1.0
Release : 1.fc30
URL : https://www.knot-resolver.cz/
Summary : Caching full DNS Resolver
Description :
The Knot Resolver is a DNSSEC-enabled caching full resolver implementation
written in C and LuaJIT, including both a resolver library and a daemon.
Modular architecture of the library keeps the core tiny and efficient, and
provides a state-machine like API for extensions.

The package is pre-configured as local caching resolver.
To start using it, start a single kresd instance:
$ systemctl start kresd@1.service

Update Information:

- fixes security issues CVE-2019-10190 and CVE-2019-10191 -

* Wed Jul 10 2019 Tomas Krizek <tomas.krizek@nic.cz> - 4.1.0-1
- update to new upstream version 4.1.0
- add kres-cache-gc.service
* Wed May 29 2019 Tomas Krizek <tomas.krizek@nic.cz> - 4.0.0.-1
- rebase to new upstream release 4.0.0
- bump Knot DNS libraries to 2.8 (ABI compat)
- use new upstream build system - meson
- add knot-resolver-module-http package along with new lua dependecies

[ 1 ] Bug #1727208 - CVE-2019-10190 knot-resolver: improper input validation
in DNS resolver allows remote attacker to bypass DNSSEC validation
[ 2 ] Bug #1727211 - CVE-2019-10191 knot-resolver: improper input validation
in DNS resolver allows remote attacker to poison cache by unsigned negative answer

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-fdb50c675d' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten