Hi On Mon, Oct 02, 2017 at 09:23:05PM +0200, Moritz Muehlenhoff wrote: > On Sat, Jan 21, 2017 at 05:58:34PM +0100, Salvatore Bonaccorso wrote: > > Source: hesiod > > Version: 3.2.1-3 > > Severity: normal > > Tags: upstream patch security > > Forwarded: https://github.com/achernya/hesiod/pull/10 > > > > Hi, > > > > the following vulnerability was published for hesiod. > > > > CVE-2016-10152[0]: > > Use of hard-coded DNS domain if configuration file cannot be read > > What's the status? This bug is over eight months old.
Looks as well that the upstream pull request contains a 'validated' patch, so that bug should at least be fixed for buster. Regards, Salvatore
