Bug 1213832
Summary: | CVE-2015-1868 powerdns (recursor) remote crash | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Peter van Dijk (PowerDNS) <peter.van.dijk> | ||||||
Component: | pdns-recursor | Assignee: | Morten Stevens <mstevens> | ||||||
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | el5 | CC: | ruben, sparks | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | Unspecified | ||||||||
OS: | Unspecified | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | pdns-recursor-3.6.3-1.el5 | Doc Type: | Bug Fix | ||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2015-04-29 19:20:33 UTC | Type: | Bug | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 1213377 | ||||||||
Attachments: |
|
Description
Peter van Dijk (PowerDNS)
2015-04-21 11:46:48 UTC
Hi Peter, Thank you for informing us. Created attachment 1016814 [details]
patch for recursor 3.7.1
Created attachment 1016815 [details]
patch for ALL affected products (both rec and auth!) excluding rec-3.7.1
Just to clarify: the buggy code is in both auth (3.2 and up) and recursor (3.5 and up). However, we have only seen the actual crash with the recursor on el5. As such, I have not opened bugs for el6 and el7, and for auth on all distributions. I do recommend updating all these packages, however, as we may be missing part of the impact of the bug. Hi Martin, Could you please remove the private group flag here? It's now public. pdns-recursor-3.6.3-1.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/pdns-recursor-3.6.3-1.el5 Package pdns-recursor-3.6.3-1.el5: * should fix your issue, * was pushed to the Fedora EPEL 5 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing pdns-recursor-3.6.3-1.el5' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-5952/pdns-recursor-3.6.3-1.el5 then log in and leave karma (feedback). pdns-recursor-3.6.3-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. |