Site Navigation

Date:      Thu, 29 Jul 2021 09:54:31 +0000
From:      "Sergey A. Osokin" <osa@freebsd.org>
To:        Li-Wen Hsu <lwhsu@freebsd.org>
Cc:        ports-committers@freebsd.org, dev-commits-ports-all@freebsd.org, dev-commits-ports-main@freebsd.org
Subject:   Re: git: 91a5f545e162 - main - security/vuxml: Document dns/powerdns CVE-2021-36754
Message-ID:  <YQJ61/LMQTviU36x@FreeBSD.org>
In-Reply-To: <202107270901.16R91D9e049593@gitrepo.freebsd.org>
References:  <202107270901.16R91D9e049593@gitrepo.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

--oxKma2REh6A3ixJm
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Thank you so much, Li-Wen!

On Tue, Jul 27, 2021 at 09:01:13AM +0000, Li-Wen Hsu wrote:
> The branch main has been updated by lwhsu:
>=20
> URL: https://cgit.FreeBSD.org/ports/commit/?id=3D91a5f545e16283e3fcc68267=
6521a40036cc8691
>=20
> commit 91a5f545e16283e3fcc682676521a40036cc8691
> Author:     rob2g2 <rob2g2-freebsd@bitbert.com>
> AuthorDate: 2021-07-27 08:48:53 +0000
> Commit:     Li-Wen Hsu <lwhsu@FreeBSD.org>
> CommitDate: 2021-07-27 09:00:51 +0000
>=20
>     security/vuxml: Document dns/powerdns CVE-2021-36754
>    =20
>     PR:             257435
> ---
>  security/vuxml/vuln-2021.xml | 26 ++++++++++++++++++++++++++
>  1 file changed, 26 insertions(+)
>=20
> diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml
> index b10f789df286..d9889781f7f0 100644
> --- a/security/vuxml/vuln-2021.xml
> +++ b/security/vuxml/vuln-2021.xml
> @@ -1,3 +1,29 @@
> +  <vuln vid=3D"ce79167f-ee1c-11eb-9785-b42e99a1b9c3">
> +    <topic>powerdns -- remotely triggered crash</topic>
> +    <affects>
> +      <package>
> +	<name>powerdns</name>
> +	<range><eq>4.5.0</eq></range>
> +      </package>
> +    </affects>
> +    <description>
> +      <body xmlns=3D"http://www.w3.org/1999/xhtml">;
> +	<p>powerdns reports:</p>
> +	<blockquote cite=3D"https://www.powerdns.com/news.html#20210726">;
> +	  <p>PowerDNS Security Advisory 2021-01: Specific query crashes Authori=
tative Server</p>
> +	</blockquote>
> +      </body>
> +    </description>
> +    <references>
> +      <cvename>CVE-2021-36754</cvename>
> +      <url>https://blog.powerdns.com/2021/07/26/security-advisory-2021-0=
1-for-powerdns-authoritative-server-4-5-0/</url>
> +    </references>
> +    <dates>
> +      <discovery>2021-07-26</discovery>
> +      <entry>2021-07-27</entry>
> +    </dates>
> +  </vuln>
> +
>    <vuln vid=3D"cc553d79-e1f0-4b94-89f2-bacad42ee826">
>      <topic>mosquitto -- NULL pointer dereference</topic>
>      <affects>

--oxKma2REh6A3ixJm
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQITBAEBCgB9FiEEZTMJYdHlAQrZCsSmOBlAga+KbzQFAmECetJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDY1
MzMwOTYxRDFFNTAxMEFEOTBBQzRBNjM4MTk0MDgxQUY4QTZGMzQACgkQOBlAga+K
bzT/FgwAsumUKCS0kUwgTuqK5zHqgVLbN9GRIfF9ffl+WOuOXlswC2uw6W5/NSn9
dqC2QCtxVBDoN5EsixAmSGy/NUG4wtKYlpn7O3vpWQEXfJGUkDJtA14tYYeeyJXL
XjsxklNUTHAiLgVwuPoDQ7Fn8iTS9USFEamZlwdKwsKmA7OUoUq3YGdg9NVbxs0P
EtZMBu4/opdEftAdz7xNCrYAZlvFqLFsK8IUnVp5rlyX02skCE6MdqXOSn/0QCaW
F4XMNqIQidjr/fKAq0Y/AgG95yo15CiVQqfXJt1mWVCjR3XEnO+9ZOqhTYiuSAsr
6g5xLFCuQ8XelzRxTYiG1MfwCzHuTFsM3ZEuv8llPemLZ7tSQuJUwKGdF3ME+mWF
0cSwo6zrMmKKFtAisLq+2EBCfw+fv5Axv5c6DJApLWlxhq2atSIefTKZUfZHkWwp
4tot/vkwncuMOXT6Zcmf+QG6AFTaNAn80DJ4VO7GaYX65LMXaD8tjGEBnt3H12XV
xyJq/sTz
=55JN
-----END PGP SIGNATURE-----

--oxKma2REh6A3ixJm--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YQJ61/LMQTviU36x>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact