svn commit: r459430 - head/security/vuxml
Danilo G. Baio
dbaio at FreeBSD.org
Fri Jan 19 15:12:48 UTC 2018
Author: dbaio
Date: Fri Jan 19 15:12:47 2018
New Revision: 459430
URL: https://svnweb.freebsd.org/changeset/ports/459430
Log:
security/vuxml: Document vulnerability in dns/unbound
Security: CVE-2017-15105
PR: 225313
Reported by: jaap at NLnetLabs.nl
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Fri Jan 19 15:09:04 2018 (r459429)
+++ head/security/vuxml/vuln.xml Fri Jan 19 15:12:47 2018 (r459430)
@@ -58,6 +58,36 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="8d3bae09-fd28-11e7-95f2-005056925db4">
+ <topic>unbound -- vulnerability in the processing of wildcard synthesized NSEC records</topic>
+ <affects>
+ <package>
+ <name>unbound</name>
+ <range><lt>1.6.8</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Unbound reports:</p>
+ <blockquote cite="https://unbound.net/downloads/CVE-2017-15105.txt">
+ <p>We discovered a vulnerability in the processing of wildcard synthesized
+ NSEC records. While synthesis of NSEC records is allowed by RFC4592,
+ these synthesized owner names should not be used in the NSEC processing.
+ This does, however, happen in Unbound 1.6.7 and earlier versions.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://unbound.net/downloads/CVE-2017-15105.txt</url>
+ <cvename>CVE-2017-15105</cvename>
+ <freebsdpr>ports/225313</freebsdpr>
+ </references>
+ <dates>
+ <discovery>2017-10-08</discovery>
+ <entry>2018-01-19</entry>
+ </dates>
+ </vuln>
+
<vuln vid="8e89a89a-fd15-11e7-bdf6-00e04c1ea73d">
<topic>phpbb3 -- multiple issues</topic>
<affects>
More information about the svn-ports-all
mailing list