Your message dated Wed, 15 Oct 2008 09:17:09 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#502275: fixed in pdnsd 1.2.6-par-11 has caused the Debian Bug report #502275, regarding (no subject) to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [EMAIL PROTECTED] immediately.) -- 502275: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502275 Debian Bug Tracking System Contact [EMAIL PROTECTED] with problems
--- Begin Message ---Package: pdnsd Version: 1.2.6-par-1 Severity: grave Backport the upstream patch attached to the changelog entry: 2008-07-29 Paul Rombouts <p.a.rombouts (at) home.nl> * src/conff.c,src/dns_query.c Made the default of the configuration option query_port_start equal to 1024. Also improved the algorithm used by pdnsd to select random source ports to ensure that each (free) port gets an equal chance of being selected. This should guarantee random source ports in the range 1024-65535, making pdnsd less vulnerable to some of the issues described in CERT VU#800113. The old situation, where pdnsd lets the kernel select the source ports, is still available by specifying query_port_start=none.
--- End Message ---
--- Begin Message ---Source: pdnsd Source-Version: 1.2.6-par-11 We believe that the bug you reported is fixed in the latest version of pdnsd, which is due to be installed in the Debian FTP archive: pdnsd_1.2.6-par-11.diff.gz to pool/main/p/pdnsd/pdnsd_1.2.6-par-11.diff.gz pdnsd_1.2.6-par-11.dsc to pool/main/p/pdnsd/pdnsd_1.2.6-par-11.dsc pdnsd_1.2.6-par-11_amd64.deb to pool/main/p/pdnsd/pdnsd_1.2.6-par-11_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Pierre Habouzit <[EMAIL PROTECTED]> (supplier of updated pdnsd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 15 Oct 2008 10:02:52 +0200 Source: pdnsd Binary: pdnsd Architecture: source amd64 Version: 1.2.6-par-11 Distribution: unstable Urgency: high Maintainer: Pierre Habouzit <[EMAIL PROTECTED]> Changed-By: Pierre Habouzit <[EMAIL PROTECTED]> Description: pdnsd - Proxy DNS Server Closes: 502275 Changes: pdnsd (1.2.6-par-11) unstable; urgency=high . * Follow-up for CVE-2008-1447: activate port-randomization, do not trust the kernel for it (Closes: #502275). Checksums-Sha1: 2e2734ba081e568df8cac78c9d5340cdc07a9988 1139 pdnsd_1.2.6-par-11.dsc 55ce340df4f998fc78bc468bd3d903c3dbbb346f 81285 pdnsd_1.2.6-par-11.diff.gz 37b78a12e361e3e91d5b67387616ce5790b99c5a 287488 pdnsd_1.2.6-par-11_amd64.deb Checksums-Sha256: a12cec8d2321b8a20b20c75a6af787ebe9a602955c6cd18b795e9b7810e78909 1139 pdnsd_1.2.6-par-11.dsc abf44c2fcffb64458da3c542fa26debe65ff14f75c3d3032b8ac7d66533bdb4b 81285 pdnsd_1.2.6-par-11.diff.gz 0f97a2ae53e2e9026dd92893d99f8bd01e3a0d54d2431f53b51f9538cb0a13f4 287488 pdnsd_1.2.6-par-11_amd64.deb Files: 6b0decf4c6531ea80fc29a563769d834 1139 net optional pdnsd_1.2.6-par-11.dsc f4a80152ee86da711236344417df3488 81285 net optional pdnsd_1.2.6-par-11.diff.gz 85616aee645e5abfc7f1892bbf85a058 287488 net optional pdnsd_1.2.6-par-11_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkj1pG0ACgkQvGr7W6Hudhz6AACfe9U+McU96B6gAersJorh8NRf yY0Anibbe0xhGbDZn4O3GkWT8UhKtMKJ =D1ji -----END PGP SIGNATURE-----
--- End Message ---
