Security update for knot (moderate)

2018-05-23T21:24:23
ID OPENSUSE-SU-2018:1395-1
Type suse
Reporter Suse
Modified 2018-05-23T21:24:23

Description

This update for knot fixes the following issues:

  • CVE-2017-11104: Knot DNS contained a flaw within the TSIG protocol implementation that would allow an attacker with a valid key name and algorithm to bypass TSIG authentication if no additional ACL restrictions are set, because of an improper TSIG validity period check. (boo#1047841)