DNS/KnotResolver/CVE-2019-10191について、ここに記述してください。 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10191 Dhananjay Arunesh 2019-07-05 04:51:11 UTC A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attacker to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol. DNSSECの保護を受けられなくなる、との説明だ。DNSSECが機能しないと、hijackされるという立場らしい。 -- ToshinoriMaeno <> https://github.com/CZ-NIC/knot-resolver/commit/bef03dcfb1acce0f41b91d5762b7edd75c8e22bd#diff-e8acc63b1e238f3255c900eed37254b8