Launchpad Number: 1471161 CVE: TBA Date: July 28, 2015 Title: Designate mDNS DoS through incorrect handling of large RecordSets Reporter: Florian Weimer (Red Hat) Products: Designate Versions: 2015.1.0 through 1.0.0.0b1
Description: Florian Weimer from Red Hat reported a vulnerability in Designate. By creating a single RecordSet that exceeds the configured max allowed DNS packet size, an authenticated user may cause the Designate mDNS service to enter an infinite loop, triggering a DoS. Liberty (development branch) fix: https://review.openstack.org/206578 Kilo fix: https://review.openstack.org/206580 Notes: This fix will be included in a future 1.0.0.0b2 release. References: https://launchpad.net/bugs/1471161 -- Kiall Mac Innes, OpenStack Designate PTL
0x6DD192A2.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OpenStack-announce mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-announce
