Description: Some vulnerabilities have been reported in MaraDNS, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) A memory leak error exists in the processing of DNS queries within the IPv6 code. This can be exploited to cause a DoS due to memory consumption by sending a specially crafted DNS query. This vulnerability is reported in versions prior to 1.2.12.05. 2) Two memory leak errors exist in the processing of DNS queries. These can be exploited to cause a DoS due to memory consumption by sending specially crafted DNS queries with a header opcode different from 0 or a class different from 1. These vulnerabilities are reported in versions prior to 1.2.12.06. Solution: Update to version 1.2.12.06. Provided and/or discovered by: 1) The vendor credits Rani Assaf. 2) The vendor credits João Antunes. Original Advisory: http://www.maradns.org/changelog.html Reproducible: Always
maintainers - please advise and bump as necessary
1.2.12.06 in cvs.
Arches please test and mark stable. Target keywords are: maradns-1.2.12.06.ebuild:KEYWORDS="amd64 ppc sparc x86"
x86 stable
sparc stable.
amd64 done
ppc stable, ready vor GLSA voting.
I tend to vote NO.
voting NO.
no too. Feel free to reopen if you disagree