| Summary: | CVE-2011-0520 MaraDNS: Heap-based buffer overflow by processing long DNS hostname with a large number of labels | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED WONTFIX | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | bressers, jrusnack, mfleming+rpm, vdanen, wnefal+redhatbugzilla |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | maradns 1.3.07.11, maradns 1.4.06 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-06-10 22:33:06 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Bug Depends On: | 673574 | ||
| Bug Blocks: | |||
|
Description
Jan Lieskovsky
2011-01-28 19:36:18 UTC
Was not able to reproduce the issue based on reproducer details: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834#5 on maradns-1.3.07.09-3.fc12.i686 version, but look into the relevant code part suggest: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834#28 this version is affected, and we should fix it. Created maradns tracking bugs for this issue Affects: fedora-all [bug 673574] Upstream post with more details and the fix: http://woodlane.webconquest.com/pipermail/list/2011-January/000784.html Fixed upstream in versions 1.4.06 and 1.3.07.11. *** Bug 688987 has been marked as a duplicate of this bug. *** This is still unfixed in Fedora 16, no longer shipped in Fedora 17+. |