Bug 772570 (CVE-2012-0206)
Summary: | Denial of Service vulnerability in PowerDNS 2.9.22 | | |
---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Nils Breunese <nils> |
Component: | pdns | Assignee: | Ruben Kerkhof <ruben> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | medium | | |
Version: | el5 | CC: | maurizio.antillon, ruben, tmz |
Target Milestone: | --- | Keywords: | Reopened, Security |
Target Release: | --- | | |
Hardware: | All | | |
OS: | Linux | | |
Whiteboard: | | | |
Fixed In Version: | pdns-2.9.22.6-1.el6 | Doc Type: | Bug Fix |
Doc Text: | | Story Points: | --- |
Clone Of: | | Environment: | |
Last Closed: | 2012-02-04 01:07:45 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | | | |
Description
Nils Breunese
2012-01-09 09:39:58 UTC
*** Bug 772581 has been marked as a duplicate of this bug. ***

We don't ship PowerDNS, nor does Fedora.

Forgot that Fedora calls it pdns, not powerdns.

That's why Nils opened a bug in the Fedora EPEL component, not Red Hat. Thanks for the help, but I'd rather handle my own bugs myself.

I opened #772581 to keep track of this in Fedora, not EPEL.

pdns-2.9.22-4.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/pdns-2.9.22-4.el5

pdns-2.9.22.5-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/pdns-2.9.22.5-1.el6

Package pdns-2.9.22.5-1.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing pdns-2.9.22.5-1.el6'
as soon as you are able to.
Please go to the following URL:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0061/pdns-2.9.22.5-1.el6
then log in and leave karma (feedback).

According to http://mailman.powerdns.com/pipermail/pdns-users/2012-January/008492.html 2.9.22.5 introduces a crashing bug when using PowerDNS as an AXFR slave. 2.9.22.6 will be released this week to address this issue.

Thanks Nils, I didn't see that one since I'm only subscribed to pdns-devel. I have 2.9.22.5 running in production for a week now, on 1 master and 2 AXFR slaves, and haven't seen any crashes. Just to be safe, I'll refrain from pushing 2.9.22.5 and wait for the 2.9.22.6 update.

Maybe you could just apply the one-line patch to fix the denial of service vulnerability and release that?

PowerDNS 2.9.22.6 has been released:

----
The improvements to the master/slave engine in 2.9.22.5 contained one serious bug that can cause crashes on busy setups. 2.9.22.6 fixes this crash.
----

http://doc.powerdns.com/changelog.html#changelog-auth-2-9-22-6

pdns-2.9.22.6-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/pdns-2.9.22.6-1.el6

pdns-2.9.22-4.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.

pdns-2.9.22.6-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.