[nsd-users] [NLnet Labs Maintainers] NSD 3.2.2 release [critical]
Brad
brad at comstyle.com
Tue May 19 00:46:13 UTC 2009
On Monday 18 May 2009 20:10:28 Paul Wouters wrote:
> On Mon, 18 May 2009, Matthijs Mekking wrote:
> > We have released version 3.2.2. of NSD. This is *critical* bugfix
> > release. One of the bugs is a one-byte buffer overflow that allows a
> > carefully crafted exploit to take down your name-server. It is highly
> > unlikely that the one-byte-off issue can lead to other (system) exploits.
>
> I'm pushing updates to Fedora/EPEL right now...
>
> I did have to add the following patch to prevent the rundir from being
> created twice (rpmbuild aborts on that):
Did the same thing for OpenBSD otherwise the build fails.. also removed
dbdir since it is creating a dir different from where the files are actually
stored.
> --- nsd-3.2.2/Makefile.in 2009-04-03 07:56:43.000000000 -0400
> +++ nsd-3.2.2-fix/Makefile.in 2009-05-18 17:39:19.777532510 -0400
> @@ -318,7 +318,7 @@ nsd.conf.sample: $(srcdir)/nsd.conf.samp
> install: all
> $(INSTALL) -d $(DESTDIR)$(sbindir)
> $(INSTALL) -d $(DESTDIR)$(configdir)
> - $(INSTALL) -d $(DESTDIR)$(piddir)
> +# $(INSTALL) -d $(DESTDIR)$(piddir)
> $(INSTALL) -d $(DESTDIR)$(dbdir)
> $(INSTALL) -d $(DESTDIR)$(mandir)
> $(INSTALL) -d $(DESTDIR)$(mandir)/man8
>
> Paul
> _______________________________________________
> Maintainers mailing list
> Maintainers at nlnetlabs.nl
> http://nlnetlabs.nl/mailman/listinfo/maintainers
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the nsd-users
mailing list