On Tue, Jan 21, 2025 at 04:04:22PM +0100, Chris Hofstaedtler wrote:
> On Mon, Jan 20, 2025 at 12:02:11PM +0100, Chris Hofstaedtler wrote:
> > Control: reopen 1083285
> > Control: fixed 1083285 pdns-recursor/5.0.9-1
> >
> > * Moritz Friedrich <[email protected]> [250120 10:45]:
> > > Is there a reason why there is no fix for this bug CVE-2024-25590 in
> > > Bookworm for version 4.8.8 yet?
> >
> > Mostly because nobody did the work.
> >
> > Please test the packages from:
> > https://salsa.debian.org/debian/pdns-recursor/-/commit/472e6561f069b13257ed1468b9dd8bf31ec556ad
> >
> > Security: mind reviewing my backport of the patch above?
>
> I've fixed bugs in this backport, please look at this branch:
>
> https://salsa.debian.org/debian/pdns-recursor/-/commits/bookworm-cve-2024-25590
Looks good, please upload to security-master (with 4.8.8-1+deb12u1 as the
version
number). Thanks!
Cheers,
Moritz