Overview
Request 818168 accepted
- update to 4.3.2
* Fixes a access restriction bypass vulnerability where ACL applied
to the internal web server via webserver-allow-from is
not properly enforced, allowing a remote attacker to send
HTTP queries to the internal web server, bypassing the restriction.
(CVE-2020-14196, bsc#1173302)
* improves CNAME loop detection
* Fix the handling of DS queries for the root
* Fix RPZ removals when an update has several deltas
Request History
adamm created request
- update to 4.3.2
* Fixes a access restriction bypass vulnerability where ACL applied
to the internal web server via webserver-allow-from is
not properly enforced, allowing a remote attacker to send
HTTP queries to the internal web server, bypassing the restriction.
(CVE-2020-14196, bsc#1173302)
* improves CNAME loop detection
* Fix the handling of DS queries for the root
* Fix RPZ removals when an update has several deltas
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse added openSUSE:Factory:Staging:adi:2 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:2"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:adi:2"
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:adi:2 got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:adi:2 got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:adi:2 got accepted.
