Summary: | net-dns/djbdns: locally truncated udp response results in denial-of-service | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Jaco Kroon <jaco> |
Component: | Stabilization | Assignee: | Jaco Kroon <jaco> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | jaco, proxy-maint |
Priority: | Normal | Keywords: | CC-ARCHES, STABLEREQ |
Version: | unspecified | Flags: | nattka:
sanity-check+
|
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/36841 | ||
Whiteboard: | |||
Package list: |
=net-dns/djbdns-1.05-r40
|
Runtime testing required: | No |
Description
Jaco Kroon
2024-05-27 13:48:56 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b938f9f9a917d3bacb73ef914c371dfc5f2d8ebe commit b938f9f9a917d3bacb73ef914c371dfc5f2d8ebe Author: Jaco Kroon <jaco@uls.co.za> AuthorDate: 2024-05-27 14:37:52 +0000 Commit: Viorel Munteanu <ceamac@gentoo.org> CommitDate: 2024-05-27 15:08:30 +0000 net-dns/djbdns: 1.05-r40 Work around local receive overflow bug. Bug: https://bugs.gentoo.org/932846 Signed-off-by: Jaco Kroon <jaco@uls.co.za> Closes: https://github.com/gentoo/gentoo/pull/36841 Signed-off-by: Viorel Munteanu <ceamac@gentoo.org> net-dns/djbdns/djbdns-1.05-r40.ebuild | 143 +++++++++++++++++++++ ...dp-overflow-response-buffer-truncate-nov6.patch | 13 ++ ...-udp-overflow-response-buffer-truncate-v6.patch | 34 +++++ 3 files changed, 190 insertions(+) Question is, can we "emergency" stable? Is this considered a security issue by Gentoo? It's certainly a denial of service ... but is it a security issue in this specific case? ppc64 done sparc done x86 done amd64 done ppc done all arches done |