Fedora Account System
Red Hat Associate
Red Hat Customer
It was found that NSD does not implement reasonable restrictions for zone sizes. This allows an explicitly configured primary DNS server for a zone to crash a secondary DNS server, affecting service of other zones hosted on the same secondary server. CVE request: http://seclists.org/oss-sec/2016/q3/19 Upstream bug: https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=790 Proposed patches: https://github.com/sischkg/xfer-limit/blob/master/nsd-4.1.10-xfer-limit-0.0.2.patch https://github.com/sischkg/xfer-limit/blob/master/nsd-4.1.10-xfer-limit-0.0.3.patch https://github.com/sischkg/xfer-limit/blob/master/nsd-4.1.5-xfer-limit-0.0.1.patch
Created nsd tracking bugs for this issue: Affects: fedora-all [bug 1353577] Affects: epel-all [bug 1353578]