CVSROOT: /cvs Module name: ports Changes by: st...@cvs.openbsd.org 2011/02/05 02:23:52
Modified files: net/maradns : Makefile distinfo Log message: SECURITY update to 1.3.07.11 - CVE-2011-0520 The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.3.x allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a heap-based buffer overflow. >From Brad, ok aja@