Date: Wed, 6 Apr 2022 10:41:11 GMT From: =?utf-8?Q?Fernando Apestegu=C3=ADa?= <fernape@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: bfd5d06e2185 - main - dns/powerdns*: document CVE-2022-27227 Message-ID: <202204061041.236AfBXS050349@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by fernape: URL: https://cgit.FreeBSD.org/ports/commit/?id=bfd5d06e21859b3312d82348a8cf30a4018a8e31 commit bfd5d06e21859b3312d82348a8cf30a4018a8e31 Author: Fernando ApesteguĂa <fernape@FreeBSD.org> AuthorDate: 2022-04-06 10:16:24 +0000 Commit: Fernando ApesteguĂa <fernape@FreeBSD.org> CommitDate: 2022-04-06 10:37:56 +0000 dns/powerdns*: document CVE-2022-27227 Related commits: 79872ab6096b3bfc3edbd2ec845698316260bd0d 56b664aa3d2cd0e8dbf48d26d0839d0b1aa5998f PR: 262879 Reported by: Ralf van der Enden <tremere@cainites.net> (maintainer) --- security/vuxml/vuln-2022.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index 0414eac68d62..946f0c4b1345 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -322,6 +322,58 @@ </dates> </vuln> + <vuln vid="cb84b940-add5-11ec-9bc8-6805ca2fa271"> + <topic>powerdns-recursor -- denial of service</topic> + <affects> + <package> + <name>powerdns-recursor</name> + <range><eq>4.6.0</eq></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>PowerDNS Team reports:</p> + <blockquote cite="https://www.powerdns.com/news.html#20220325">; + <p>PowerDNS Security Advisory 2022-01: incomplete validation of incoming IXFR transfer in Authoritative Server and Recursor.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2022-27227</cvename> + <url>https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html</url>; + </references> + <dates> + <discovery>2022-03-25</discovery> + <entry>2022-03-27</entry> + </dates> + </vuln> + + <vuln vid="2cda5c88-add4-11ec-9bc8-6805ca2fa271"> + <topic>powerdns -- denial of service</topic> + <affects> + <package> + <name>powerdns</name> + <range><eq>4.6.0</eq></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>PowerDNS Team reports:</p> + <blockquote cite="https://www.powerdns.com/news.html#20220325">; + <p>PowerDNS Security Advisory 2022-01: incomplete validation of incoming IXFR transfer in Authoritative Server and Recursor.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2022-27227</cvename> + <url>https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html</url>; + </references> + <dates> + <discovery>2022-03-25</discovery> + <entry>2022-03-27</entry> + </dates> + </vuln> + <vuln vid="323f900d-ac6d-11ec-a0b8-3065ec8fd3ec"> <topic>chromium -- V8 type confusion</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202204061041.236AfBXS050349>