Category Archives: Advisories
FreeBSD-EN-24:01.tzdata
DSA-5620-1 unbound – security update
Two vulnerabilities were discovered in unbound, a validating, recursive,
caching DNS resolver. Specially crafted DNSSEC answers could lead
unbound down a very CPU-intensive and time-costly DNSSEC
(CVE-2023-50387) or NSEC3 hash (CVE-2023-50868) validation path,
resulting in denial of service.
Details can be found at
https://nlnetlabs.nl/downloads/unbound/CVE-2023-50387_CVE-2023-50868.txt
DSA-5621-1 bind9 – security update
Several vulnerabilities were discovered in BIND, a DNS server
implementation, which may result in denial of service.
DSA-5624-1 edk2 – security update
Mate Kukri discovered the Debian build of EDK2, a UEFI firmware
implementation, used an insecure default configuration which could result
in Secure Boot bypass via the UEFI shell.
This update disables the UEFI shell if Secure Boot is used.
DSA-5623-1 postgresql-15 – security update
It was discovered that a late privilege drop in the “REFRESH MATERIALIZED
VIEW CONCURRENTLY” command could allow an attacker to trick a user with
higher privileges into running SQL commands with these permissions.
DSA-5622-1 postgresql-13 – security update
It was discovered that a late privilege drop in the “REFRESH MATERIALIZED
VIEW CONCURRENTLY” command could allow an attacker to trick a user with
higher privileges into running SQL commands with these permissions.
unbound-1.19.1-1.fc38
FEDORA-2024-c967c7d287
Packages in this update:
unbound-1.19.1-1.fc38
Update description:
Fix CVE-2023-50387, DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers.
Fix CVE-2023-50868, NSEC3 closest encloser proof can exhaust CPU.
dnsmasq-2.90-1.fc39
FEDORA-2024-e24211eff0
Packages in this update:
dnsmasq-2.90-1.fc39
Update description:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
dnsmasq-2.90-1.fc38
FEDORA-2024-e00eceb11c
Packages in this update:
dnsmasq-2.90-1.fc38
Update description:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html