Your message dated Sat, 30 Jul 2016 22:25:02 +0000
with message-id <[email protected]>
and subject line Bug#830808: fixed in pdns 4.0.1-1
has caused the Debian Bug report #830808,
regarding pdns: CVE-2016-6172: Improper restriction of zone size limit
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
830808: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830808
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: pdns
Version: 4.0.0~beta1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/PowerDNS/pdns/issues/4128
Hi,
the following vulnerability was published for pdns.
CVE-2016-6172[0]:
Improper restriction of zone size limit
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-6172
[1] https://github.com/PowerDNS/pdns/issues/4128
Please adjust the affected versions in the BTS as needed.
As mentioned at DebConf, this is a minor issue which does not warrant
a DSA. But it will be nice if you can fix this via a Jessie point
release. Thanks a lot for your work on pdns!
Regards,
Salvatore
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Source: pdns
Source-Version: 4.0.1-1
We believe that the bug you reported is fixed in the latest version of
pdns, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Christian Hofstaedtler <[email protected]> (supplier of updated pdns package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 30 Jul 2016 20:38:41 +0000
Source: pdns
Binary: pdns-server pdns-tools pdns-backend-bind pdns-backend-pipe
pdns-backend-ldap pdns-backend-geoip pdns-backend-mysql pdns-backend-odbc
pdns-backend-pgsql pdns-backend-sqlite3 pdns-backend-lua pdns-backend-remote
pdns-backend-opendbx pdns-backend-mydns pdns-backend-tinydns
Architecture: source
Version: 4.0.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian DNS Packaging <[email protected]>
Changed-By: Christian Hofstaedtler <[email protected]>
Description:
pdns-backend-bind - BIND backend for PowerDNS
pdns-backend-geoip - geoip backend for PowerDNS
pdns-backend-ldap - LDAP backend for PowerDNS
pdns-backend-lua - Lua backend for PowerDNS
pdns-backend-mydns - MyDNS compatibility backend for PowerDNS
pdns-backend-mysql - generic MySQL backend for PowerDNS
pdns-backend-odbc - generic UnixODBC backend for PowerDNS
pdns-backend-opendbx - OpenDBX backend for PowerDNS
pdns-backend-pgsql - generic PostgreSQL backend for PowerDNS
pdns-backend-pipe - pipe/coprocess backend for PowerDNS
pdns-backend-remote - remote backend for PowerDNS
pdns-backend-sqlite3 - sqlite 3 backend for PowerDNS
pdns-backend-tinydns - tinydns compatibility backend for PowerDNS
pdns-server - extremely powerful and versatile nameserver
pdns-tools - Tools for DNS debugging by PowerDNS
Closes: 828490 830808
Changes:
pdns (4.0.1-1) unstable; urgency=medium
.
* New upstream release, drop upstream applied patch. (Closes: #828490,
#830808)
Checksums-Sha1:
e2806177d0b5ea1825dab015451aba878ed6e303 3317 pdns_4.0.1-1.dsc
c70157875c78ffa64d39e9cd4b5b816c8efb58d3 1304788 pdns_4.0.1.orig.tar.bz2
17d667eab0f8e019c5e1e2fab1f22441b5635564 41740 pdns_4.0.1-1.debian.tar.xz
Checksums-Sha256:
b640af476ef3a67a9807c7f52234f55f80c9c4363f2dee1d9b5dd30c7d71391b 3317
pdns_4.0.1-1.dsc
d191eed4a6664430e85969f49835c59e810ecbb7b3eb506e64c6b2734091edd7 1304788
pdns_4.0.1.orig.tar.bz2
07ffb2e3c322511ad029a395c0ebb9cf5c25ba208bd872a50684e1f9e2d54a1b 41740
pdns_4.0.1-1.debian.tar.xz
Files:
a6cd7c8585fbb3938515ad6c76758ce3 3317 net extra pdns_4.0.1-1.dsc
d34a390672aa043f8a287e5bb2284f4a 1304788 net extra pdns_4.0.1.orig.tar.bz2
16fefc9156215c7bf54fa2f29d79deae 41740 net extra pdns_4.0.1-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJXnRhPAAoJEFwT1tuTBS4DZacP/jD3SZiYgDlLYrACXUxJggwn
wcXlacZobdiSa/h6zxatnrtq39OV8ik7VC6qDrAUzyA1dLbB43vSUwOVMt2hJsfj
ckLilmQUEp+xj0h02r4uXqe3pzQGouLlQa77sAIPlgidvTgnwmr3jC5jgNT2V/op
pPcJbkJg36PMUjRIdj3A1hmYaUZuQMTXefXc1D/VQMC0RQwdoWeygcOnMt6ZsBAL
L89PiAKUrT0Bxm+kA7woP+VqgAA1oK+V3lt4/bnXRX5qYq+AgatJvQbqB9yVu0JO
PooRcVC/04dPDdTEsk47hZnTzXysslcFGDUrLzhu45tzDE/bL81pzBPBHjb96WMK
8Vf9Glunzo6rsgxtplEOjES8mW2gpA52eUjpoJg8UXNggtD5qY7kcUnOjWZHAv/s
vhTxP+NVtOzeRgJwXFs9AVxQLh9AwlGIEncxU0gzcUNEaPhkWxdLStAzSE4l2gqC
/AWQ+Z+DbeilubKglmvlL9Q0jau3fo4v9ygtV1aAInmaEi2XnXIAYh2N9eNLk9U3
KzdnLsEHjZpXHZeLbDBhnwaRPtXfo4S/FXAdm3aCPJ7iB1bKtRQgC5Joud9Ups0r
s3JN7oNOdp60mWElAvkueQKxGk8uDdWNbT9FVRKqH5j4rLcBk4HCO9bJbOujfzpB
lDz/+ezZKHiSJKJVWaFr
=uvjr
-----END PGP SIGNATURE-----
--- End Message ---
