Bug#499433: marked as done (pdnsd: Version 1.2.7-par has been released (security related and bug fix))

Sat, 11 Jun 2011 19:18:51 -0700 

Your message dated Sun, 12 Jun 2011 10:14:02 +0800
with message-id <[email protected]>
and subject line Close this old bug
has caused the Debian Bug report #499433,
regarding pdnsd: Version 1.2.7-par has been released (security related and bug 
fix)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
499433: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499433
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: pdnsd
Version: 1.2.6-par-9
Severity: important
Tags: security

Yesterday my pdnsd crashed the 1st time:
pdnsd[7364]: segfault at 21 ip 41e72d sp 4335d808 error 6 in pdnsd[400000+2b000]
This may be caused by a "dangling pointer" bug, as described in the pdnsd
1.2.7-par release information¹, dated 2008-09-04.

The release information mentions also: 
    "It also addresses some of the issues raised in the CERT vulnerability note
     VU#800113² by making the default of query_port_start equal to 1024, thereby
     ensuring that source ports are randomly selected by the pdnsd resolver in 
     the range 1024-65535."

Regards,
Pascal

1 = http://www.phys.uu.nl/~rombouts/pdnsd
2 = http://www.kb.cert.org/vuls/id/800113
    (Multiple DNS implementations vulnerable to cache poisoning)

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing'), (50, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages pdnsd depends on:
ii  adduser                       3.110      add and remove users and groups
ii  debconf [debconf-2.0]         1.5.22     Debian configuration management sy
ii  libc6                         2.7-13     GNU C Library: Shared libraries

Versions of packages pdnsd recommends:
pn  resolvconf                    <none>     (no description available)

pdnsd suggests no packages.

-- debconf information:
* pdnsd/conf: Manual

--- End Message ---
--- Begin Message --- 
Close this old bug, the version in archive is now a major version higher.

-- 
Regards,
Aron Xu

--- End Message ---

Reply via email to