Bugtraq mailing list archives
[SECURITY] [DSA 2196-1] maradns security update
From: Raphael Geissert <geissert () debian org>
Date: Sat, 19 Mar 2011 17:50:18 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2196-1 security () debian org http://www.debian.org/security/ Raphael Geissert March 19, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : maradns Vulnerability : buffer overflow Problem type : remote Debian-specific: no CVE ID : CVE-2011-0520 Debian Bug : 610834 Witold Baryluk discovered that MaraDNS, a simple security-focused Domain Name Service server, may overflow an internal buffer when handling requests with a large number of labels, causing a server crash and the consequent denial of service. For the oldstable distribution (lenny), this problem has been fixed in version 1.3.07.09-2.1. For the stable distribution (squeeze) and greater this problem had already been fixed in version 1.4.03-1.1. We recommend that you upgrade your maradns packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce () lists debian org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk2FQTsACgkQYy49rUbZzlpDtgCdHI7IY/22FzcEVCRlkQjU4Ui9 ScwAn1ZJ8Rg/ZZXOUGlt6Ueohfdvq2tq =/024 -----END PGP SIGNATURE-----
Current thread:
- [SECURITY] [DSA 2196-1] maradns security update Raphael Geissert (Mar 21)