Summary: | <net-dns/pdns-recursor-3.5.1: Deleted Domain Name Resolving Vulnerability (CVE-2012-1193) | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Sean Amoss (RETIRED) <ackle> | ||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | minor | CC: | ronny+bugsgentoo, swegener, technoworx | ||||||
Priority: | Normal | ||||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
URL: | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1193 | ||||||||
Whiteboard: | B3 [glsa] | ||||||||
Package list: | Runtime testing required: | --- | |||||||
Attachments: |
|
Description
Sean Amoss (RETIRED)
2012-02-18 13:02:43 UTC
CVE-2012-1193 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1193): The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack. *** Bug 466008 has been marked as a duplicate of this bug. *** Created attachment 345986 [details]
ebuild for pdns-recursor-3.5 release changed init file to better naming also
* changed pdns-recursor version to 3.5
* changed init script name from "precursor" -> "pdns-recursor"
Works as overlay on my 3 systems since the release candidate version fine, no issues so far. The ebuild is only changed for the new release and the init file, nothing more.
I hope it helps to solve this CVE quickly.
Created attachment 347262 [details]
updated ebuild for pdns-recursor version 3.5.1 released today may 3rd 2013
I've commited 3.5.1 to the tree. sven, could you please commit update the ebuild to 3.5.2 ? Changelog is: Changes since 3.5.1: * Responses without the QR bit set now get matched up to an outstanding query, so that resolution can be aborted early instead of waiting for a timeout. Code in commit ee90f02. * The depth limiter changes in 3.5.1 broke some legal domains with lots of indirection. Improved in commit d393c2d. * Slightly improved logging to aid debugging. Code in commit 437824d and commit 182005e. http://doc.powerdns.com/html/changelog.html#changelog-recursor-3.5.2 Wow, this has been in the tree for a long time now. Sven, can we proceed stabilization? 3.5.1 or 3.5.3? 3.5.3 should be stabilized, the 3.6 version is in near sight (currently there is a RC1 which does have production quality, i am testing it already). So, if no reasons are against, 3.5.3 should be stable and I will then open a request for 3.6.0 if all goes well for a keyword marked ebuild. stabilization is currently happening in bug 514946 Arches, Thank you for your work Maintainer(s), please drop the vulnerable version. GLSA Vote: Yes Maintainer(s), Thank you for cleanup! YES too, added to the existing request. This issue was resolved and addressed in GLSA 201412-33 at http://security.gentoo.org/glsa/glsa-201412-33.xml by GLSA coordinator Sean Amoss (ackle). |