Back to bug 2216228
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| TEJ RATHI | 2023-06-20 14:34:22 UTC | CC | security-response-team | |
| TEJ RATHI | 2023-06-20 14:41:03 UTC | CC | jburrell, mosvald, pemensik | |
| TEJ RATHI | 2023-06-20 14:53:15 UTC | CC | dhughes, eglynn, jjoyce, lhh, mburns, mgarciac, pgrist | |
| TEJ RATHI | 2023-06-20 15:06:45 UTC | Depends On | 2216235, 2216233, 2216237, 2216234 | |
| TEJ RATHI | 2023-06-20 15:07:55 UTC | Depends On | 2216241, 2216240, 2216238, 2216239 | |
| TEJ RATHI | 2023-06-20 15:19:59 UTC | Blocks | 2216252 | |
| Petr Menšík | 2023-06-21 22:00:35 UTC | URL | https://kb.isc.org/docs/cve-2023-2911 | |
| Anten Skrabec | 2023-06-21 22:27:07 UTC | CC | askrabec | |
| Sandipan Roy | 2023-06-22 05:57:21 UTC | Deadline | 2023-06-21 | |
| Summary | EMBARGOED TRIAGE-CVE-2023-2911 bind: Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0 | TRIAGE-CVE-2023-2911 bind: Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0 | ||
| Group | security, qe_staff | |||
| Sandipan Roy | 2023-06-22 06:05:15 UTC | Depends On | 2216631, 2216630 | |
| TEJ RATHI | 2023-06-22 06:08:51 UTC | Summary | TRIAGE-CVE-2023-2911 bind: Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0 | CVE-2023-2911 bind: Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0 |
| Alias | TRIAGE-CVE-2023-2911 | CVE-2023-2911 | ||
| Sandipan Roy | 2023-06-22 06:25:04 UTC | Doc Text | A vulnerability was found in BIND. This security flaw occurs when the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. | |
| RaTasha Tillery-Smith | 2023-06-22 12:55:49 UTC | Doc Text | A vulnerability was found in BIND. This security flaw occurs when the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. | A vulnerability was found in BIND. This security flaw occurs when the recursive-clients quota is reached on a BIND 9 resolver configured with stale-answer-enable yes; and stale-answer-client-timeout 0;. A sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. |
| Sandipan Roy | 2023-06-26 05:08:20 UTC | Severity | high | medium |
| Priority | high | medium | ||
| Avinash Hanwate | 2023-06-28 13:01:03 UTC | CC | dhughes, eglynn, jjoyce, lhh, mburns, mgarciac, pgrist | |
| Product Security DevOps Team | 2023-06-28 17:40:03 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2023-06-28 17:40:03 UTC |
Back to bug 2216228