oss-sec mailing list archives
Re: CVE request: PowerDNS recursor source port randomization
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 16 Jul 2008 21:12:44 +0200
* Florian Weimer:
3.1.5 did not use the strong PRNG for source port selection. References: <http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6> <http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179> Somehow this fell through the cracks. 8-(
We reissued a new security update with the old CVE, as no decision on a SPLIT was reached in time. I believe that the CVE description should be updated ("before version 3.1.6" instead of "before version 3.1.5").
Current thread:
- CVE request: PowerDNS recursor source port randomization Florian Weimer (Jul 09)
- Re: CVE request: PowerDNS recursor source port randomization Florian Weimer (Jul 16)