Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 0 articles for you...
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicesecurity update

Debian: DSA-5633-1 Severe Threat: Knot Resolver Denial of Service

It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against Knot Resolver, a caching, DNSSEC- validating DNS resolver. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5633-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff February 27, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : knot-resolver CVE ID : CVE-2023-46317 CVE-2023-50387 CVE-2023-50868 It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against Knot Resolver, a caching, DNSSEC- validating DNS resolver. For the stable distribution (bookworm), these problems have been fixed in version 5.6.0-1+deb12u1. We recommend that you upgrade your knot-resolver packages. For the detailed security status of knot-resolver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/knot-resolver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-5633-1 addresses a vulnerability in Knot Resolver that may cause DoS due to malformed DNSSEC records, urging users to apply patches. Debian Advisory,DNSSEC Security,Knot Resolver Update,Denial of Service,Security Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 27, 2024 Critical Debian
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of serviceubuntu

Ubuntu 22.10: USN-6225-1, Moderate, Knot Resolver DoS Risk

Knot Resolver could be made to crash if it received specially crafted network traffic.. =========================================================================Ubuntu Security Notice USN-6225-1 July 13, 2023 knot-resolver vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS (Available with Ubuntu Pro) - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: Knot Resolver could be made to crash if it received specially crafted network traffic. Software Description: - knot-resolver: caching, DNSSEC-validating DNS resolver Details: It was discovered that Knot Resolver did not correctly handle certain client options. A remote attacker could send requests to malicous domains and cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: knot-resolver 5.5.1-5ubuntu0.22.10.1 Ubuntu 22.04 LTS (Available with Ubuntu Pro): knot-resolver 5.4.4-1ubuntu0.1~esm1 Ubuntu 20.04 LTS: knot-resolver 3.2.1-3ubuntu2.1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): knot-resolver 2.1.1-1ubuntu0.1~esm2 libkres-dev 2.1.1-1ubuntu0.1~esm2 libkres6 2.1.1-1ubuntu0.1~esm2 Ubuntu 16.04 LTS (Available with Ubuntu Pro): knot-resolver 1.0.0~beta3-1ubuntu0.1~esm1 In general, a standard system update will make all the necessary changes. References: CVE-2022-40188 Package Information: https://launchpad.net/ubuntu/+source/knot-resolver/5.5.1-5ubuntu0.22.10.1 https://launchpad.net/ubuntu/+source/knot-resolver/3.2.1-3ubuntu2.1 . A vulnerability in the DNS resolver might allow an attacker to disrupt the service usingcustom requests. Ensure your Debian systems are updated to reduce potential threats.. Knot Resolver, DoS Threat, Ubuntu Security, Network Traffic, DNS Vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 13, 2023 Important Ubuntu
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 32: FEDORA-2020-bf68101ad3 Critical Vulnerability in Knot Resolver

- fixes CVE-2020-12667. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-bf68101ad3 2020-05-28 04:13:58.091808 --------------------------------------------------------------------------------Name : knot-resolver Product : Fedora 32 Version : 5.1.1 Release : 1.fc32 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, start a single kresd instance: $ systemctl start This email address is being protected from spambots. You need JavaScript enabled to view it. --------------------------------------------------------------------------------Update Information: - fixes CVE-2020-12667 --------------------------------------------------------------------------------ChangeLog: * Tue May 19 2020 Tomas Krizek - 5.1.1-1 - update to upstream version 5.1.1 (fixes CVE-2020-12667) --------------------------------------------------------------------------------References: [ 1 ] Bug #1839822 - CVE-2020-12667 knot-resolver: Traffic amplification triggered by random subdomains in the NSDNAME in NS records [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1839822 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-bf68101ad3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora 32 enhances knot resolver to mitigate traffic amplification risk. Discover tips for fortifying your setup now.. Fedora Update,knot-resolver update,DNS security,traffic amplification fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 28, 2020 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdatecritical

Fedora 28: 2018-c894f896fd Critical: Knot Resolver DNS Downgrade Fix

Knot Resolver 2.4.0 (2018-07-03) changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes (#366) Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status (!576) New features ------------ - TLS session resumption (RFC 5077), both server and client (!585, #105) (disabled when. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-c894f896fd 2018-07-12 14:18:11.697524 --------------------------------------------------------------------------------Name : knot-resolver Product : Fedora 28 Version : 2.4.0 Release : 1.fc28 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, start a single kresd instance: $ systemctl start This email address is being protected from spambots. You need JavaScript enabled to view it. --------------------------------------------------------------------------------Update Information: Knot Resolver 2.4.0 (2018-07-03) ================================ Incompatible changes -------------------- - minimal libknot version is now 2.6.7 to pull in latest fixes (#366) Security -------- - fix a rare case of zones incorrectly dowgraded to insecure status (!576) New features ------------ - TLS session resumption (RFC 5077), both server and client (!585, #105) (disabled when compiling with gnutls < 3.5) - TLS_FORWARD policy uses system CA certificate store by default (!568) - aggressive caching for NSEC3 zones (!600) - optional protection from DNS Rebinding attack (module rebinding, !608) - module bogus_log to log DNSSEC bogus queries without verbose logging (!613) Bugfixes -------- -prefill: fix ability to readcertificate bundle (!578) - avoid turning off qname minimization in some cases, e.g. co.uk. (#339) - fix validation of explicit wildcard queries (#274) - dns64 module: more properties from the RFC implemented (incl. bug #375) Improvements ------------ - systemd: multiple enabled kresd instances can now be started using kresd.target - ta_sentinel: switch to version 14 of the RFC draft (!596) - support for glibc systems with a non-Linux kernel (!588) - support per-request variables for Lua modules (!533) - support custom HTTP endpoints for Lua modules (!527) --------------------------------------------------------------------------------ChangeLog: * Tue Jul 3 2018 Tomas Krizek - 2.4.0-1 Knot Resolver 2.4.0 (2018-07-03) =============================== Incompatible changes --------------------- minimal libknot version is now 2.6.7 to pull in latest fixes (#366) Security --------- fix a rare case of zones incorrectly dowgraded to insecure status (!576) New features ------------- TLS session resumption (RFC 5077), both server and client (!585, #105) (disabled when compiling with gnutls < 3.5) - TLS_FORWARD policy uses system CA certificate store by default (!568) - aggressive caching for NSEC3 zones (!600) - optional protection from DNS Rebinding attack (module rebinding, !608) - module bogus_log to log DNSSEC bogus queries without verbose logging (!613) Bugfixes --------- prefill: fix ability to read certificate bundle (!578) - avoid turning off qname minimization in some cases, e.g. co.uk. (#339) - fix validation of explicit wildcard queries (#274) - dns64 module: more properties from the RFC implemented (incl. bug #375) Improvements ------------- systemd: multiple enabled kresd instances can now be started using kresd.target - ta_sentinel: switch to version 14 of the RFC draft (!596) - support for glibc systems with a non-Linux kernel (!588) - support per-request variables for Lua modules (!533) - support custom HTTP endpoints for Lua modules (!527) * Mon Apr 232018 Tomas Krizek - 2.3.0-1 Knot Resolver 2.3.0 (2018-04-23) =============================== Security --------- fix CVE-2018-1110: denial of service triggered by malformed DNS messages (!550, !558, security!2, security!4) - increase resilience against slow lorris attack (security!5) Bugfixes --------- validation: fix SERVFAIL in case of CNAME to NXDOMAIN in a single zone (!538) - validation: fix SERVFAIL for DS . query (!544) - lib/resolve: don't send unecessary queries to parent zone (!513) - iterate: fix validation for zones where parent and child share NS (!543) - TLS: improve error handling and documentation (!536, !555, !559) Improvements ------------- prefill: new module to periodically import root zone into cache (replacement for RFC 7706, !511) - network_listen_fd: always create end point for supervisor supplied file descriptor - use CPPFLAGS build environment variable if set (!547) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-c894f896fd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/77ATNINRPKZCLYKP56PGLWATGHEDQTME/ . KnotResolver 2.4.0 addresses vulnerabilities and enhances DNS capabilities with notable enhancements in Fedora.. knot-resolver update, Fedora 28, DNS security fix, TLS improvements, resolver security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 12, 2018 Critical Fedora
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicesecurity update

Fedora 28 FEDORA-2018-389bc4e911 Moderate Knot Resolver Denial Of Service

Knot Resolver 2.3.0 (2018-04-23) -------- - fix CVE-2018-1110: denial of service triggered by malformed DNS messages (!550, !558, security!2, security!4) - increase resilience against slow lorris attack (security!5) Bugfixes -------- - validation: fix SERVFAIL in case of CNAME to NXDOMAIN in a single zone (!538) - validation: fix SERVFAIL for. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-389bc4e911 2018-05-09 21:21:50.031636 --------------------------------------------------------------------------------Name : knot-resolver Product : Fedora 28 Version : 2.3.0 Release : 1.fc28 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, start a single kresd instance: $ systemctl start This email address is being protected from spambots. You need JavaScript enabled to view it. --------------------------------------------------------------------------------Update Information: Knot Resolver 2.3.0 (2018-04-23) ================================ Security -------- - fix CVE-2018-1110: denial of service triggered by malformed DNS messages (!550, !558, security!2, security!4) - increase resilience against slow lorris attack (security!5) Bugfixes -------- - validation: fix SERVFAIL in case of CNAME to NXDOMAIN in a single zone (!538) - validation: fix SERVFAIL for DS . query (!544) - lib/resolve: don't send unecessary queries to parent zone (!513) - iterate: fix validation for zones where parent and child share NS (!543) - TLS: improve error handling and documentation (!536, !555, !559) Improvements ------------ - prefill: new module to periodically import root zone into cache (replacement for RFC7706, !511) - network_listen_fd: always create end point for supervisor supplied file descriptor - use CPPFLAGS build environment variable if set (!547) --------------------------------------------------------------------------------ChangeLog: * Mon Apr 23 2018 Tomas Krizek - 2.3.0-1 Knot Resolver 2.3.0 (2018-04-23) =============================== Security --------- fix CVE-2018-1110: denial of service triggered by malformed DNS messages (!550, !558, security!2, security!4) - increase resilience against slow lorris attack (security!5) Bugfixes --------- validation: fix SERVFAIL in case of CNAME to NXDOMAIN in a single zone (!538) - validation: fix SERVFAIL for DS . query (!544) - lib/resolve: don't send unecessary queries to parent zone (!513) - iterate: fix validation for zones where parent and child share NS (!543) - TLS: improve error handling and documentation (!536, !555, !559) Improvements ------------- prefill: new module to periodically import root zone into cache (replacement for RFC 7706, !511) - network_listen_fd: always create end point for supervisor supplied file descriptor - use CPPFLAGS build environment variable if set (!547) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-389bc4e911' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . The latest Knot Resolver 2.3.0 release for Fedoramitigates denial of service vulnerabilities and boosts defense mechanisms against potential threats.. Knot Resolver, Denial Of Service, Fedora Update, Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 09, 2018 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoracritical update

Fedora 25: 2017-92643d70b7 Critical: knot-resolver DoS Mitigation

Update to upstream version 1.3.1.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-92643d70b7 2017-07-20 13:50:35.706261 --------------------------------------------------------------------------------Name : knot-resolver Product : Fedora 25 Version : 1.3.1 Release : 1.fc25 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, just start the local DNS socket: BEWARE: Because of https://bugzilla.redhat.com/show_bug.cgi?id=1366968 you need to switch your system to SELinux permissive mode. --------------------------------------------------------------------------------Update Information: Update to upstream version 1.3.1. --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade knot-resolver' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . The latest security patch for Knot Resolver in Fedora moves it to version 1.3.1, fixing various vulnerabilities and boosting its overallperformance.. Fedora Security Update,Knot Resolver Update,DoS Threats,Caching Resolver Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 20, 2017 Critical Fedora
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderateFedora

Fedora 24: FEDORA-2017-081fc9ad77 Moderate: Knot Resolver Security Update

Update to upstream version 1.3.1.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-081fc9ad77 2017-07-20 13:50:14.517600 --------------------------------------------------------------------------------Name : knot-resolver Product : Fedora 24 Version : 1.3.1 Release : 1.fc24 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, just start the local DNS socket: BEWARE: Because of https://bugzilla.redhat.com/show_bug.cgi?id=1366968 you need to switch your system to SELinux permissive mode. --------------------------------------------------------------------------------Update Information: Update to upstream version 1.3.1. --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade knot-resolver' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Knot resolver upgraded to version 1.3.1 for improved security on Fedora 24 installations. Install using dnf upgrade command.. FedoraUpdate,knot resolver,security advisory. . LinuxSecurity.com Team

Calendar 2 Jul 20, 2017 Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 25: Knot Resolver Update Addresses Security Issues and Enhancements

new upstream release + security: Knot Resolver 1.2.0 and higher could return AD flag for insecure answer if the daemon received answer with invalid RRSIG several times in a row. + fix: layer/iterate: some improvements in cname chain unrolling + fix: layer/validate: fix duplicate records in AUTHORITY section in case + fix: of WC expansion proof + fix: lua: do *not* truncate cache size to. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-df53d02da7 2017-03-20 22:11:58.760895 -------------------------------------------------------------------------------- Name : knot-resolver Product : Fedora 25 Version : 1.2.4 Release : 1.fc25 URL : https://www.knot-resolver.cz/ Summary : Caching full DNS Resolver Description : The Knot DNS Resolver is a caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is pre-configured as local caching resolver. To start using it, just start the local DNS socket: BEWARE: Because of https://bugzilla.redhat.com/show_bug.cgi?id=1366968 you need to switch your system to SELinux permissive mode. -------------------------------------------------------------------------------- Update Information: new upstream release + security: Knot Resolver 1.2.0 and higher could return AD flag for insecure answer if the daemon received answer with invalid RRSIG several times in a row. + fix: layer/iterate: some improvements in cname chain unrolling + fix: layer/validate: fix duplicate records in AUTHORITY section in case + fix: of WC expansion proof + fix: lua: do *not* truncate cache size to unsigned + fix: forwarding mode: correctly forward +cd flag + fix: fix a potential memory leak + fix: don't treat answers that contain DS non-existance proof as insecure + fix: don't store NSEC3 and their signatures in thecache + fix: layer/iterate: when processing delegations, check if qname is at or below new authority + enhancement: modules/policy: allow QTRACE policy to be chained with other policies + enhancement: hints.add_hosts(path): a new property + enhancement: module: document the API and simplify the code + enhancement: policy.MIRROR: support IPv6 link-local addresses + enhancement: policy.FORWARD: support IPv6 link-local addresses + enhancement: add net.outgoing_{v4,v6} to allow specifying address to use for connections -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade knot-resolver' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Systemd security patch for Ubuntu 20.04 resolves various vulnerabilities, improving overall resilience and efficiency.. Knot Resolver, Fedora 25, Security Fix, DNS Resolver, Update Notification. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 21, 2017 Important Fedora
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here