| Release | Version |
|---|---|
| wheezy | 1.6.13-1+deb7u1 |
| wheezy (security) | 1.6.13-1+deb7u2 |
| jessie | 1.6.17-5 |
| stretch | 1.7.0-1 |
| buster | 1.7.0-3 |
| sid | 1.7.0-3 |
| Bug | wheezy | jessie | stretch | buster | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2017-1000232 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A double-free vulnerability in str2host.c in ldns 1.7.0 have ... |
| CVE-2017-1000231 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified ... |
| Bug | Description |
|---|---|
| CVE-2014-3209 | The ldns-keygen tool in ldns 1.6.x uses the current umask to set the ... |
| CVE-2011-3581 | Heap-based buffer overflow in the ldns_rr_new_frm_str_internal ... |
| CVE-2009-1086 | Heap-based buffer overflow in the ldns_rr_new_frm_str_internal ... |
| DSA / DLA | Description |
|---|---|
| DLA-1182-1 | ldns - security update |
| DSA-2353-1 | ldns - buffer overflow |
| DSA-2353-1 | ldns - buffer overflow |
| DSA-1795-1 | ldns - arbitrary code execution |