Key Trap (CVE-2023-50387) and knot/kresd

Am I correct in interpreting that TOS6.5.2’s version of kresd (5.7.1) is not affected by this anymore?

If so, then respect!

Yes, 5.7.1 mitigates KeyTrap. Knot Resolver 5.7.1 released – Knot Resolver

The disclosure was coordinated among many vendors, so all of them had fixes ready beforehand (including cz.nic).


Let me repeat then, well done team knot/turris! And this, in a nutshell, is why I keep mentioning turris as a well managed option for routers with automatic updates, you are doing a decent job…


This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.