From $URL: An issue has been found in dnsdist in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to the initial client. On a 32-bit system, the pointer arithmetic used when parsing the received response to remove that record might trigger an undefined behavior leading to a crash. dnsdist up to and including 1.1.0 is affected on 32-bit systems. dnsdist 1.2.0 is not affected, dnsdist on 64-bit systems is not affected. For those unable to upgrade to a new version, a minimal patch is available for 1.1.0. We would like to thank Guido Vranken for finding and subsequently reporting this issue. Upstream Patch for 1.1.0: https://downloads.powerdns.com/patches/2017-01
@maintainer(s): after bump please call for stabilization if needed. Thank you. Daj'Uan (mbailey_j) Gentoo Security Scout
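An illustration of the bug class the advisory describes, added here and not taken from dnsdist or its patch: locating the EDNS0 OPT record in a backend response using offsets and remaining-length comparisons, so that no bounds check depends on pointer addition that could wrap on a 32-bit system. The function names and the sample packet are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#define DNS_TYPE_OPT 41

/* Constructed sample: header with ARCOUNT=1, then one empty OPT RR. */
static const uint8_t SAMPLE[] = {0x12, 0x34, 0x81, 0x80, 0, 0, 0, 0, 0, 0, 0, 1,
                                 0, 0, 41, 0x10, 0, 0, 0, 0, 0, 0, 0};

static unsigned rd16(const uint8_t *p) { return (unsigned)p[0] << 8 | p[1]; }
/* Advance *off by n only if n bytes remain. Comparing n with (len - *off)
 * cannot wrap, unlike the pointer form `p + n > end`. */
static int skip(size_t len, size_t *off, size_t n) {
    if (*off > len || n > len - *off) return -1;
    *off += n;
    return 0;
}

/* Skip one (possibly compressed) domain name starting at *off. */
static int skip_name(const uint8_t *pkt, size_t len, size_t *off) {
    for (;;) {
        if (*off >= len) return -1;
        uint8_t l = pkt[*off];
        if ((l & 0xC0) == 0xC0) return skip(len, off, 2); /* pointer ends name */
        if (l & 0xC0) return -1;                          /* reserved label type */
        if (skip(len, off, (size_t)l + 1) < 0) return -1;
        if (l == 0) return 0;                             /* root label */
    }
}

/* 1: OPT RR found at [*start, *start + *rrlen); 0: none; -1: malformed. */
int find_opt_rr(const uint8_t *pkt, size_t len, size_t *start, size_t *rrlen) {
    if (len < 12) return -1;                              /* fixed DNS header */
    unsigned qd = rd16(pkt + 4);
    unsigned rrs = rd16(pkt + 6) + rd16(pkt + 8) + rd16(pkt + 10);
    size_t off = 12;
    while (qd--)
        if (skip_name(pkt, len, &off) < 0 || skip(len, &off, 4) < 0) return -1;
    while (rrs--) {
        size_t rr = off;
        if (skip_name(pkt, len, &off) < 0) return -1;
        size_t fixed = off;                    /* type, class, ttl, rdlength */
        if (skip(len, &off, 10) < 0 ||
            skip(len, &off, rd16(pkt + fixed + 8)) < 0) return -1;
        if (rd16(pkt + fixed) != DNS_TYPE_OPT) continue;
        *start = rr; *rrlen = off - rr;
        return 1;
    }
    return 0;
}
```

A caller that strips the record would remove the returned byte range and decrement ARCOUNT only when the function returns 1, and drop the response when it returns -1.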
*** Bug 628582 has been marked as a duplicate of this bug. ***
Adjusting CVE.
All security advisories for the DNSDist are listed here. PowerDNS Security Advisory 2017-02 for dnsdist: Alteration of ACLs via API authentication bypass https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-02.html PowerDNS Security Advisory 2017-01 for dnsdist: Crafted backend responses can cause a denial of service https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2017-01.html
(In reply to Thomas Deutschmann from comment #3) @Whissi, Thank you...left this out also: CVE Details: http://seclists.org/oss-sec/2017/q3/335
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c50a5d191b47143338b15a86ce6e36fd1b7abca

commit 1c50a5d191b47143338b15a86ce6e36fd1b7abca
Author: bgo <bgo@9dt.de>
AuthorDate: 2017-09-02 16:44:59 +0000
Commit: Patrice Clement <monsieurp@gentoo.org>
CommitDate: 2017-10-28 09:52:07 +0000

    net-dns/dnsdist: version bump to 1.2.0.

    Bug: https://bugs.gentoo.org/628534
    Bug: https://bugs.gentoo.org/628578
    Package-Manager: Portage-2.3.8, Repoman-2.3.3

 net-dns/dnsdist/Manifest | 2 +-
 net-dns/dnsdist/dnsdist-1.2.0.ebuild | 86 ++++++++++++++++++++++++++++++++++++
 2 files changed, 87 insertions(+), 1 deletion(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e40b9b455b925425198ed2d250fc997b3bc56b94

commit e40b9b455b925425198ed2d250fc997b3bc56b94
Author: bgo <bgo@9dt.de>
AuthorDate: 2017-09-02 16:43:53 +0000
Commit: Patrice Clement <monsieurp@gentoo.org>
CommitDate: 2017-10-28 09:51:50 +0000

    net-dns/dnsdist: remove vulnerable version.

    CVE-2016-7069 CVE-2017-7557

    Bug: https://bugs.gentoo.org/628534
    Bug: https://bugs.gentoo.org/628578
    Closes: https://github.com/gentoo/gentoo/pull/5596

 net-dns/dnsdist/dnsdist-1.1.0-r1.ebuild | 84 ---------------------------------
 1 file changed, 84 deletions(-)
Arch teams, Please stabilise: =net-dns/dnsdist-1.2.0 Security team, Please proceed.
The previous version never was stabilized. Dropping arches, please do new stable reqs separately from security bugs. Thanks!