Your message dated Sun, 31 Jul 2005 09:43:07 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Closing bug, using Version tracking.
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 17 Jul 2005 19:10:11 +0000
>From [EMAIL PROTECTED] Sun Jul 17 12:10:11 2005
Return-path: <[EMAIL PROTECTED]>
Received: from inutil.org (vserver151.vserver151.serverflex.de)
[193.22.164.111]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1DuEWg-0000Vd-00; Sun, 17 Jul 2005 12:10:11 -0700
Received: from dsl-084-059-163-099.arcor-ip.net ([84.59.163.99]
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.50)
id 1DuEWe-0007lb-Kv
for [EMAIL PROTECTED]; Sun, 17 Jul 2005 21:10:08 +0200
Received: from jmm by localhost.localdomain with local (Exim 4.52)
id 1DuEWd-0001MY-8k; Sun, 17 Jul 2005 21:10:07 +0200
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: pdns-backend-ldap: Two security issues in LDAP backend
X-Mailer: reportbug 3.15
Date: Sun, 17 Jul 2005 21:10:07 +0200
Message-Id: <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: 84.59.163.99
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Package: pdns-backend-ldap
Version: 2.9.17
Severity: important
Tags: security
2.9.18 fixes two security relevant issues in the LDAP backend:
Quoting Bert Hubert:
PowerDNS 2.9.18 fixes two bugs with security implications, which
only apply to installations running on the LDAP backend, or
installations providing recursion to a limited range of IP
addresses. If any of these apply to you, an upgrade is highly
advised.
Version 2.9.18 release notes are on:
http://doc.powerdns.com/changelog.html#CHANGELOG-2-9-18
Version 2.9.18 is available on:
http://www.powerdns.com/downloads/
Wiki, source, bugtracker: http://wiki.powerdns.com/
Security page: http://doc.powerdns.com/security-policy.html
Details:
* The LDAP backend did not properly escape all queries,
allowing it to fail and not answer questions. We have not
investigated further risks involved, but we advise LDAP
users to update as quickly as possible (Norbert Sendetzky,
Jan de Groot)
* Questions from clients denied recursion could blank out
answers to clients who are allowed recursion services,
temporarily. Reported by Wilco Baan. This would've made it
possible for outsiders to blank out a domain temporarily to
your users. Luckily PowerDNS would send out SERVFAIL or
Refused, and not a denial of a domain's existence.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
---------------------------------------
Received: (at 318798-done) by bugs.debian.org; 31 Jul 2005 07:43:14 +0000
>From [EMAIL PROTECTED] Sun Jul 31 00:43:14 2005
Return-path: <[EMAIL PROTECTED]>
Received: from www.cacholong.nl (server.cacholong.nl) [80.126.52.161]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1Dz8TZ-0002Qw-00; Sun, 31 Jul 2005 00:43:13 -0700
Received: from localhost (localhost [127.0.0.1])
by server.cacholong.nl (Postfix) with ESMTP id BFECE800088
for <[EMAIL PROTECTED]>; Sun, 31 Jul 2005 09:43:12 +0200 (CEST)
Received: from server.cacholong.nl ([127.0.0.1])
by localhost (server.cacholong.nl [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id 27509-07-2 for <[EMAIL PROTECTED]>;
Sun, 31 Jul 2005 09:43:08 +0200 (CEST)
Received: from [192.168.20.2] (openbsd.xs4all.nl [80.126.240.96])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by server.cacholong.nl (Postfix) with ESMTP id E2E8A800082
for <[EMAIL PROTECTED]>; Sun, 31 Jul 2005 09:43:07 +0200 (CEST)
Message-ID: <[EMAIL PROTECTED]>
Date: Sun, 31 Jul 2005 09:43:07 +0200
From: Matthijs Mohlmann <[EMAIL PROTECTED]>
User-Agent: Debian Thunderbird 1.0.2 (X11/20050602)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Subject: Closing bug, using Version tracking.
X-Enigmail-Version: 0.91.0.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="------------enigB7D1D49EBB939EA3D04C8D5A"
X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at cacholong.nl
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigB7D1D49EBB939EA3D04C8D5A
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Version 2.9.18-1
Close the bug and use the version tracking.
--------------enigB7D1D49EBB939EA3D04C8D5A
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFC7IEL2n1ROIkXqbARAulkAJ9Jiu4Mp2b38uqc/9k+TnXaJvjkUACfX9Bb
FqynMflbM0b/6V79MGZe7lw=
=OE3E
-----END PGP SIGNATURE-----
--------------enigB7D1D49EBB939EA3D04C8D5A--
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
