Package: pdnsd
Version: 1.2.6-par-9
Severity: important
Tags: security
Yesterday my pdnsd crashed the 1st time:
pdnsd[7364]: segfault at 21 ip 41e72d sp 4335d808 error 6 in pdnsd[400000+2b000]
This may be caused by a "dangling pointer" bug, as described in the pdnsd
1.2.7-par release information¹, dated 2008-09-04.
The release information mentions also:
"It also addresses some of the issues raised in the CERT vulnerability note
VU#800113² by making the default of query_port_start equal to 1024, thereby
ensuring that source ports are randomly selected by the pdnsd resolver in
the range 1024-65535."
Regards,
Pascal
1 = http://www.phys.uu.nl/~rombouts/pdnsd
2 = http://www.kb.cert.org/vuls/id/800113
(Multiple DNS implementations vulnerable to cache poisoning)
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (50, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages pdnsd depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii libc6 2.7-13 GNU C Library: Shared libraries
Versions of packages pdnsd recommends:
pn resolvconf <none> (no description available)
pdnsd suggests no packages.
-- debconf information:
* pdnsd/conf: Manual
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
