CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2011/02/05 02:23:52
Modified files:
net/maradns : Makefile distinfo
Log message:
SECURITY update to 1.3.07.11 - CVE-2011-0520
The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.3.x
allows remote attackers to cause a denial of service (segmentation fault)
and possibly execute arbitrary code via a long DNS hostname with a large
number of labels, which triggers a heap-based buffer overflow.
>From Brad, ok aja@
