To add even more confusion: I did a final tweak to the hash compression function yesterday.
TL;DR summary: Use MaraDNS 1.3.07.14, 1.4.10, any 2.0 release, or apply this patch to an older release of MaraDNS: http://maradns.org/download/patches/maradns-1.3-better_hash.patch Long summary: I made one release, realized that had problems, made another release the next day, realized *that* had problems, and made a (hopefully final) third update yesterday: http://samiam.org/blog/20111229.html http://samiam.org/blog/20111230.html http://samiam.org/blog/20120113.html - Sam 2012/1/14 Julien Cristau <jcris...@debian.org>: > On Thu, Jan 12, 2012 at 22:55:10 +0000, Nicholas Bamber wrote: > >> Julien, >> Comments below. What is the next step? >> > On http://security-tracker.debian.org/tracker/source-package/maradns I > see three issues: CVE-2011-5055, CVE-2011-5056 and CVE-2012-0024. Which > one is this fixing, and what's the status of the 2011-505* ones in > unstable? They're listed as unfixed in the tracker. > > Cheers, > Julien -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ca+7smpszm66mexcvn6mese-vug2rn8qcm0gsi0+ouy0vex0...@mail.gmail.com
