action needed
2 security issues in sid
high
There are 2 open security issues in sid.
2 important issues:
- CVE-2008-4392: dnscache in Daniel J. Bernstein djbdns 1.05 does not prevent simultaneous identical outbound DNS queries, which makes it easier for remote attackers to spoof DNS responses, as demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query.
- CVE-2012-1191: The resolver in dnscache in Daniel J. Bernstein djbdns 1.05 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
The package has not entered testing even though the delay is over
normal
The package has not entered testing even though the 10-day delay is over.
Check why.
Standards version of the package is outdated.
wishlist
The package should be updated to follow the last version of Debian Policy
(Standards-Version 4.5.0 instead of
4.3.0).
testing migrations
-
excuses:
- Migration status for djbdns (- to 1:1.05-10): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Not built on buildd: arch amd64 binaries uploaded by KAction@gnu.org
- Additional info:
- Piuparts tested OK - https://piuparts.debian.org/sid/source/d/djbdns.html
- 26 days old (needed 10 days)
- Not considered
![[bug history graph]](https://qa.debian.org/data/bts/graphs/d/djbdns.png){kind=link}