Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

v6: CVE-2021-23386: update dns-packet

See original GitHub issue

Thank you for bumping dns-packet in https://github.com/mafintosh/multicast-dns/issues/74 for version 7.

Could you also release a security bump for version 6? This currently affects webpack-dev-server via a different (no longer maintained) library, that still makes use of multicast-dns version 6:

https://github.com/watson/bonjour/blob/bdc467a4f3c7b9fe8bc54468b6fc4d80b8f1c098/package.json#L11

More details can be found at https://github.com/webpack/webpack-dev-server/issues/3340.

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:10 (6 by maintainers)

github_iconTop GitHub Comments

6reactions
mafintoshcommented, May 26, 2021

I sent SNYK an email bump now also to get them to update the advisory

0reactions
mafintoshcommented, Jul 13, 2021

advisory is updated, just checked

Read more comments on GitHub >

github_iconTop Results From Across the Web

dns-packet Dependency - Security bump required for ... - GitHub
Dependency dns-packet has a security advisory: ... v6: CVE-2021-23386: update dns-packet mafintosh/multicast-dns#75.
Read more >
Remote Memory Exposure in dns-packet | CVE-2021-23386
dns -packet is an An abstract-encoding compliant module for encoding / decoding DNS packets. Affected versions of this package are vulnerable ...
Read more >
Get Started | Public DNS - Google Developers
Configure your network settings to use Google Public DNS; Important: Before you start; Google Public DNS IP addresses; Change your DNS ...
Read more >
dns-packet - npm
An abstract-encoding compliant module for encoding / decoding DNS packets. Latest version: 5.4.0, last published: 6 months ago.
Read more >
DNS Considerations for IPv6 - Internet Society
Dynamic DNS(DDNS) is a means of updating DNS with information from a Dynamic Host Configuration Protocol(DHCP) server. After the DHCP server ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Better error messages when oneOf/anyOf doesn't match

Next page

Does not work when options.interface is specified