Your message dated Mon, 14 May 2018 12:08:27 +0000
with message-id <[email protected]>
and subject line Bug#898255: fixed in pdns 4.1.2-1
has caused the Debian Bug report #898255,
regarding pdns-tools: [CVE-2018-1046] stack-based buffer overflow in dnsreplay
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
898255: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898255
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: pdns-tools
Severity: important
Hi,
a local denial of service has been found and fixed in dnsreplay. As it's
local only and one shouldn't really parse untrusted file with it anyway,
I don't think it warrants a DSA (but I guess an isolated fix could
qualify for a stable upload).
When you fix this for unstable and close this bug, please mention the
CVE number is the changelog.
More information can be found here
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html
and the fix is available here:
https://github.com/PowerDNS/pdns/commit/f9c57c98da1b1007a51680629b667d57d9b702b8
Regards,
--
Yves-Alexis
-- System Information:
Debian Release: buster/sid
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (450, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.15.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8),
LANGUAGE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages pdns-tools depends on:
ii libboost-program-options1.62.0 1.62.0+dfsg-5+b1
ii libc6 2.27-3
ii libgcc1 1:8.1.0-1
ii libssl1.1 1.1.0h-2
ii libstdc++6 8.1.0-1
pdns-tools recommends no packages.
pdns-tools suggests no packages.
--- End Message ---
--- Begin Message ---
Source: pdns
Source-Version: 4.1.2-1
We believe that the bug you reported is fixed in the latest version of
pdns, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Hofstaedtler <[email protected]> (supplier of updated pdns package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 14 May 2018 11:17:08 +0000
Source: pdns
Binary: pdns-server pdns-tools pdns-backend-bind pdns-backend-pipe
pdns-backend-ldap pdns-backend-geoip pdns-backend-mysql pdns-backend-odbc
pdns-backend-pgsql pdns-backend-sqlite3 pdns-backend-lua pdns-backend-remote
pdns-backend-opendbx pdns-backend-mydns pdns-backend-tinydns
Architecture: source
Version: 4.1.2-1
Distribution: unstable
Urgency: medium
Maintainer: pdns packagers <[email protected]>
Changed-By: Chris Hofstaedtler <[email protected]>
Description:
pdns-backend-bind - BIND backend for PowerDNS
pdns-backend-geoip - geoip backend for PowerDNS
pdns-backend-ldap - LDAP backend for PowerDNS
pdns-backend-lua - Lua backend for PowerDNS
pdns-backend-mydns - MyDNS compatibility backend for PowerDNS
pdns-backend-mysql - generic MySQL backend for PowerDNS
pdns-backend-odbc - generic UnixODBC backend for PowerDNS
pdns-backend-opendbx - OpenDBX backend for PowerDNS
pdns-backend-pgsql - generic PostgreSQL backend for PowerDNS
pdns-backend-pipe - pipe/coprocess backend for PowerDNS
pdns-backend-remote - remote backend for PowerDNS
pdns-backend-sqlite3 - sqlite 3 backend for PowerDNS
pdns-backend-tinydns - tinydns compatibility backend for PowerDNS
pdns-server - extremely powerful and versatile nameserver
pdns-tools - Tools for DNS debugging by PowerDNS
Closes: 898255
Changes:
pdns (4.1.2-1) unstable; urgency=medium
.
* New upstream version 4.1.2
* Includes fix for CVE-2018-1046 in dnsreplay. (Closes: #898255)
Checksums-Sha1:
d5a2233dfd6d66921b38f0377447feaf6220890f 3376 pdns_4.1.2-1.dsc
dcd7210e4150da9a657f6ace2db9b776d890decc 1117225 pdns_4.1.2.orig.tar.bz2
525ed14ab735e0492b338bbbe76c0ef8f61409b0 45560 pdns_4.1.2-1.debian.tar.xz
50a64a3c68c8b9dba22193bcdd9f05c88fb1c8ca 8840 pdns_4.1.2-1_source.buildinfo
Checksums-Sha256:
bab5a3afbc5e78955d3bb2521800ac276885ed1cb6cfb8a5d1918780554af176 3376
pdns_4.1.2-1.dsc
86d8be0171d1ba85c2c6496d62ebf9198a5d522135aa0df3714c0d487a725695 1117225
pdns_4.1.2.orig.tar.bz2
05012ed30d2b37e486381b51e50808f81746cb02b3e0052f6ab3c87507792725 45560
pdns_4.1.2-1.debian.tar.xz
cb982a1cf36212e9c28f19e79d8863661b6e5d76379f2b4925b1a1c48e283566 8840
pdns_4.1.2-1_source.buildinfo
Files:
dda69e8d31615db4bc28992cd8243dcb 3376 net optional pdns_4.1.2-1.dsc
629af7cb40f365e5baaf7f4e6b0aaf1c 1117225 net optional pdns_4.1.2.orig.tar.bz2
401cf1c5740251d9f2ab239511f4fef4 45560 net optional pdns_4.1.2-1.debian.tar.xz
7e8a81c6574762e231c24fbd73e13791 8840 net optional
pdns_4.1.2-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAlr5duUACgkQXBPW25MF
LgOJwxAAoIBT6ueKPim+ilGmS5MJhWa2WNiO4tsu+fjarlgbKSvqHvkolLJJRLfH
8jOhGPBKRrFdrRCR94R3L0xZq9GFRvIg6jbJLiI5Q9IlLH4c8XfOeHtcwKEAkJaL
VH/tg1kl4SzcqUlrL8nP+YNrj3hyrKrvhdEHwbCNwhdH4tDuOhCIaYDG6tcQBlky
hEBPXg9yjvwQy4vNs5lT+oYeai8ocMqRQWZjhfj4jiKQcjSd20bB+F+l9CMNa7+S
Y1/5Ps3MtlxDQEMTsNtWqe+5BatfsvgMA5DRu3xrONLeKr7RaZqANER1SIB+o2u3
Xy/BPbabcFjFZSjbg5xx/5eALXAgh/FzjxbeIXoHQjh9rptb0zNmEcsgEHAKMN6v
HC26Dhbj8OqnG1kOYF646PP93brtVEtCXmMXZP4pQB6HERLzP3ppDCogqVRzv5Q8
Z7Vzr4ONRSaXW6PlYSmO5Oj8lziX37vuwoggIRfN81jdfHDGv7msBYTfAd4BDUZA
Huu/hCGe4NBztzYaoRfAxnCfwXJtELsUBu2jAi19+jIgqWzJ85nYmg+MrhWYhosT
yzP8pV01LSF07O7CXPdctLc7oQC+WV/guOhuzfxg/OwWx6+OKfZCHNjr/uujW1Po
scOg/rkv0C51zNtsnE4zf5UJ7v/7zQU2TKwP0Wo7c6oJzAbxENg=
=/p5+
-----END PGP SIGNATURE-----
--- End Message ---
