Security update for knot (moderate)

2018-05-2321:24:23

lists.opensuse.org

0.003 Low

EPSS

Percentile

67.8%

JSON

This update for knot fixes the following issues:

CVE-2017-11104: Knot DNS contained a flaw within the TSIG protocol
implementation that would allow an attacker with a valid key name and
algorithm to bypass TSIG authentication if no additional ACL
restrictions are set, because of an improper TSIG validity period check.
(boo#1047841)

OSVersionArchitecturePackageVersionFilename
openSUSE Leap42.3i586knot-debuginfo< 1.6.5-5.3.1knot-debuginfo-1.6.5-5.3.1.i586.rpm
openSUSE Leap42.3x86_64knot-debuginfo< 1.6.5-5.3.1knot-debuginfo-1.6.5-5.3.1.x86_64.rpm
openSUSE Leap42.3x86_64knot-debugsource< 1.6.5-5.3.1knot-debugsource-1.6.5-5.3.1.x86_64.rpm
openSUSE Leap42.3i586knot-debugsource< 1.6.5-5.3.1knot-debugsource-1.6.5-5.3.1.i586.rpm
openSUSE Leap42.3x86_64knot< 1.6.5-5.3.1knot-1.6.5-5.3.1.x86_64.rpm
openSUSE Leap42.3i586knot< 1.6.5-5.3.1knot-1.6.5-5.3.1.i586.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	42.3	i586	knot-debuginfo	< 1.6.5-5.3.1	knot-debuginfo-1.6.5-5.3.1.i586.rpm
openSUSE Leap	42.3	x86_64	knot-debuginfo	< 1.6.5-5.3.1	knot-debuginfo-1.6.5-5.3.1.x86_64.rpm
openSUSE Leap	42.3	x86_64	knot-debugsource	< 1.6.5-5.3.1	knot-debugsource-1.6.5-5.3.1.x86_64.rpm
openSUSE Leap	42.3	i586	knot-debugsource	< 1.6.5-5.3.1	knot-debugsource-1.6.5-5.3.1.i586.rpm
openSUSE Leap	42.3	x86_64	knot	< 1.6.5-5.3.1	knot-1.6.5-5.3.1.x86_64.rpm
openSUSE Leap	42.3	i586	knot	< 1.6.5-5.3.1	knot-1.6.5-5.3.1.i586.rpm