3.2.13 is out for a month already, might be nice to get an updated package...
https://www.nlnetlabs.nl/projects/nsd/ {{{ NSD 3.2.13 Jul 27, 2012 Bugfixes Bugfix #461 (VU#517036 CVE-2012-2979): NSD denial of service vulnerability from DNS packet when using --enable-zone-stats. Bugfix #460: man page correction - identity. Fix for nsd-patch segfault if zone has been removed from nsd.conf (thanks Ilya Bakulin) NSD 3.2.12 Jul 19, 2012 Bugfixes Fix for VU#624931 CVE-2012-2978: NSD denial of service vulnerability from non-standard DNS packet from any host on the internet. NSD 3.2.11 Jul 9, 2012 Features Fallback to AXFR if IXFR is unknown at the primary. NSD considers IXFR unknown at the primary if there is a negative response for the IXFR RRtype. This does not override the value for 'allow-axfr-fallback'. Allow for reading in new DNSKEY algorithm mnemonics (RFC5155, RFC5702, RFC5933, and RFC6605 (ECDSA)). Zone statistics, enable with --enable-zone-stats. This stores the BIND8 stats per zone in a configurable statistics file. This option does not scale and should therefore not be enabled when serving many zones. Support for TLSA RRtype (DANE). Bugfixes Fix for qtype ANY for a wildcard domain in NSEC signed zone: Don't add the wildcard domain NSEC into the answer section. Instead, put the wildcard expanded NSEC into the answer section and keep the wildcard domain NSEC in the authority section. Fix for accept spinning reported by OpenBSD. Fix restart failed due to bad ixfr packet because of zone removed from nsd.conf. Bugfix #453: typo in nsdc man page. }}} ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-2978 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-2979 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/378251 Title: security bug in nsd requires patching to prevent DOS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nsd3/+bug/378251/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
