215567 – net-dns/pdns-recursor <3.1.5: Data manipulation; client redirection (CVE-2008-1637)

Bug 215567 - net-dns/pdns-recursor <3.1.5: Data manipulation; client redirection (CVE-2008-1637)

Summary: net-dns/pdns-recursor <3.1.5: Data manipulation; client redirection (CVE-2008...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://doc.powerdns.com/powerdns-advi...
Whiteboard:	B3 [glsa]
Keywords:

Depends on:
Blocks:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sven Wegener gentoo-dev

2008-03-31 12:50:15 UTC

See the URL for more information. net-dns/pdns-recursor-3.1.5 has just been commited to the tree.

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2008-03-31 14:08:55 UTC

Arches, please test and mark stable:
=net-dns/pdns-recursor-3.1.5
Target keywords : "amd64 release x86"

Comment 2 Robert Buchholz (RETIRED) gentoo-dev

2008-03-31 14:16:04 UTC

Seems a CVE has been requested.

Comment 3 Markus Meier gentoo-dev

2008-03-31 19:51:11 UTC

amd64/x86 stable, last arch.

Comment 4 Peter Volkov (RETIRED) gentoo-dev

2008-04-01 05:20:38 UTC

Fixed in release snapshot.

Comment 5 Robert Buchholz (RETIRED) gentoo-dev

2008-04-03 14:09:34 UTC

This is a vote, YES from me.

Comment 6 Tobias Heinlein (RETIRED) gentoo-dev

2008-04-17 20:11:46 UTC

Voting YES as well and filing request.

Comment 7 Robert Buchholz (RETIRED) gentoo-dev

2008-04-18 14:19:59 UTC

GLSA 200804-22