Package: pdnsd Version: 1.2.6-par-1 Severity: grave Backport the upstream patch attached to the changelog entry:
2008-07-29 Paul Rombouts <p.a.rombouts (at) home.nl> * src/conff.c,src/dns_query.c Made the default of the configuration option query_port_start equal to 1024. Also improved the algorithm used by pdnsd to select random source ports to ensure that each (free) port gets an equal chance of being selected. This should guarantee random source ports in the range 1024-65535, making pdnsd less vulnerable to some of the issues described in CERT VU#800113. The old situation, where pdnsd lets the kernel select the source ports, is still available by specifying query_port_start=none. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]