| Release | Version |
|---|---|
| buster | 1.7.0-4 |
| bullseye | 1.7.1-2 |
| bookworm | 1.8.3-1 |
| sid | 1.8.3-1 |
| Bug | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|
| CVE-2020-19861 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt ... |
| CVE-2020-19860 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_ ... |
| Bug | Description |
|---|---|
| CVE-2017-1000232 | A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecifi ... |
| CVE-2017-1000231 | A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified ... |
| CVE-2014-3209 | The ldns-keygen tool in ldns 1.6.x uses the current umask to set the p ... |
| CVE-2011-3581 | Heap-based buffer overflow in the ldns_rr_new_frm_str_internal functio ... |
| CVE-2009-1086 | Heap-based buffer overflow in the ldns_rr_new_frm_str_internal functio ... |
| DSA / DLA | Description |
|---|---|
| DLA-2910-1 | ldns - security update |
| DLA-1182-1 | ldns - security update |
| DSA-2353-1 | ldns - buffer overflow |
| DSA-1795-1 | ldns - arbitrary code execution |