File _patchinfo of Package patchinfo.28819
<patchinfo incident="28819">
<issue tracker="cve" id="2016-7069"/>
<issue tracker="cve" id="2018-14663"/>
<issue tracker="cve" id="2017-7557"/>
<issue tracker="bnc" id="1114511">VUL-0: CVE-2018-14663: dnsdist: 2018-08: Record smuggling when adding ECS or XPF</issue>
<issue tracker="bnc" id="1054799">VUL-0: CVE-2016-7069: dnsdist: Crafted backend responses can cause a denial of service</issue>
<issue tracker="bnc" id="1054802">VUL-0: CVE-2017-7557: dnsdist: Alteration of ACLs via API authentication bypass</issue>
<packager>adamm</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for dnsdist</summary>
<description>This update for dnsdist fixes the following issues:
- Implements package 'dnsdist' with version 1.8.0 in SLE15. (jsc#PED-3402)
- Downstream DNS resolver configuration should be chosen by the admin
- Security fix: fixes possible record smuggling via a crafted DNS query with trailing data (CVE-2018-14663, bsc#1114511)
- Security fix: fixes an issue that can lead to a denial of service on 32-bit systems if a backend sends crafted answers (CVE-2016-7069, bsc#1054799)
- Security fix: Alteration of dnsdist's ACL if the API is enabled, writable and an authenticated user is tricked into visiting a crafted website. (CVE-2017-7557, bsc#1054799)
- SNMP support, exporting statistics and sending traps
- Preventing the packet cache from ageing responses when deployed in
- Various DNSCrypt-related fixes and improvements, including automatic key rotation
</description>
</patchinfo>