UbuntuUpdates.org

Package "ldns"

Name: ldns

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • ldns library for DNS programming
  • Python bindings for the ldns library for DNS programming
  • Python3 bindings for the ldns library for DNS programming

Latest version: 1.7.0-3ubuntu4.1
Release: bionic (18.04)
Level: updates
Repository: universe

Links



Other versions of "ldns" in Bionic

Repository Area Version
base main 1.7.0-3ubuntu4
base universe 1.7.0-3ubuntu4
security main 1.7.0-3ubuntu4.1
security universe 1.7.0-3ubuntu4.1
updates main 1.7.0-3ubuntu4.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.7.0-3ubuntu4.1 2022-01-31 16:06:26 UTC

  ldns (1.7.0-3ubuntu4.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Heap out of bounds read
    - debian/patches/CVE-2020-19860-*.patch: fix it
      adding more checks in rr.c.
    - CVE-2020-19860
  * SECURITY UPDATE: Heap out of bounds read
    - debian/patches/CVE-2020-19861.patch: fix it in
      dnssec.c.
    - CVE-2020-19861

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 25 Jan 2022 11:31:38 -0300

CVE-2020-19860 When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can
CVE-2020-19861 When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the



About   -   Send Feedback to @ubuntu_updates