Bug #744
Updated by Pierre-Louis Bonicoli over 3 years ago
From a security status mail received today: <pre> Security report based on the bullseye release *** Available security updates CVE-2021-25219 In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21,... <https://security-tracker.debian.org/tracker/CVE-2021-25219> - libdns-export1104, libisc-export1100 </pre> <pre> root@orthos:~# apt policy libdns-export1104 libdns-export1104: Installed: 1:9.11.5.P4+dfsg-5.1+deb10u3 Candidate: 1:9.11.5.P4+dfsg-5.1+deb10u3 Version table: *** 1:9.11.5.P4+dfsg-5.1+deb10u3 100 100 /var/lib/dpkg/status </pre> According to the [Debian security tracker](https://security-tracker.debian.org/tracker/CVE-2021-25219) @1:9.11.5.P4+dfsg-5.1+deb10u5@ is vulnerable. This package is buster only and should be removed. I will remove every buster only (thanks to @apt-forktracer@). * ▢ □ Elwing * ▢ □ Jinta * ▢ □ Nicecity * ▢ □ Orfeo * ✅ □ Orthos (libapt-pkg5.0 libnettle6 libffi6 libprocps7 libjson-c3 libapt-inst2.0 gcc-8-base libip4tc0 libip6tc0 libhogweed4 perl-modules-5.28 libisc-export1100 libdns-export1104 linux-image-4.19.0-14-amd64 * ▢ □ Thorfinn * ▢ □ Toushirou