Summary: | <net-dns/pdns-recursor-4.1.8: crafted query can cause a denial of service (CVE-2018-16855) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sven Wegener <swegener> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | swegener |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-09.html | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
net-dns/pdns-recursor-4.1.8
|
Runtime testing required: | --- |
Description
Sven Wegener
2018-11-26 16:34:16 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca96ad2e887d64febee4984ace90b04daa805979 commit ca96ad2e887d64febee4984ace90b04daa805979 Author: Sven Wegener <swegener@gentoo.org> AuthorDate: 2018-11-26 16:39:31 +0000 Commit: Sven Wegener <swegener@gentoo.org> CommitDate: 2018-11-26 16:40:14 +0000 net-dns/pdns-recursor: Version bump, security bug #671982 Bug: https://bugs.gentoo.org/671982 Signed-off-by: Sven Wegener <swegener@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 net-dns/pdns-recursor/Manifest | 1 + net-dns/pdns-recursor/pdns-recursor-4.1.8.ebuild | 78 ++++++++++++++++++++++++ 2 files changed, 79 insertions(+) Looks good to go stable, the security fix is the only change since 4.1.7. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f4e9dc240bc6fc93d62b27b9f6c5335600b0eb0 commit 5f4e9dc240bc6fc93d62b27b9f6c5335600b0eb0 Author: Sven Wegener <swegener@gentoo.org> AuthorDate: 2018-11-27 20:17:48 +0000 Commit: Sven Wegener <swegener@gentoo.org> CommitDate: 2018-11-27 20:20:37 +0000 net-dns/pdns-recursor: Stable on am64/x86, bug #671982 Bug: https://bugs.gentoo.org/671982 Signed-off-by: Sven Wegener <swegener@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 net-dns/pdns-recursor/pdns-recursor-4.1.8.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) GLSA Vote: No @maintainer, please clean vulnerable. cleanup done (In reply to Sven Wegener from comment #5) > cleanup done Thank you, Sven! |