Bug 134700 - [MAINTAINER] dns/nsd2: vulnerability fix
Summary: [MAINTAINER] dns/nsd2: vulnerability fix
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Wesley Shields
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-05-19 05:40 UTC by Olafur Osvaldsson
Modified: 2009-05-19 18:20 UTC (History)
0 users

See Also:

Attachments
nsd-2.3.7_1.patch (1.02 KB, patch)
2009-05-19 05:40 UTC, Olafur Osvaldsson 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Olafur Osvaldsson 2009-05-19 05:40:00 UTC 
[DESCRIBE CHANGES]
- Fixing a vulnerability
- Using the update to fix my email address since I quit ISNIC a long time ago (see dns/nsd history)

We have released version 3.2.2. of NSD. This is *critical* bugfix
release. One of the bugs is a one-byte buffer overflow that allows a
carefully crafted exploit to take down your name-server. It is highly
unlikely that the one-byte-off issue can lead to other (system) exploits.

The bug affects all version of NSD 2.0.0 to 3.2.1. Whether the bug can
be exploited to depends on various aspects of the OS and is therefore
distribution and compiler dependent.

For more information:
http://www.nlnetlabs.nl/publications/NSD_vulnerability_announcement.html

We strongly recommend you to update your systems to the latest version.
If you have reasons for not running the latest version of NSD, we
strongly advise you to at least apply the patch that resolves the
critical bug.

Added file(s):
- files/patch-vuln
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2009-05-19 05:40:11 UTC 
Class Changed
From-To: maintainer-update->change-request

Fix category (submitter is not maintainer) (via the GNATS Auto Assign 
Tool)
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2009-05-19 05:40:14 UTC 
Maintainer of dns/nsd2,

Please note that PR ports/134700 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/134700

-- 
Edwin Groothuis via the GNATS Auto Assign Tool
edwin@FreeBSD.org
Comment 3 Edwin Groothuis freebsd_committer freebsd_triage 2009-05-19 05:40:16 UTC 
State Changed
From-To: open->feedback

Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Comment 4 Wesley Shields freebsd_committer freebsd_triage 2009-05-19 17:39:14 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->wxs

I'll take it.
Comment 5 dfilter service freebsd_committer freebsd_triage 2009-05-19 18:16:23 UTC 
wxs         2009-05-19 17:16:14 UTC

  FreeBSD ports repository

  Modified files:
    dns/nsd2             Makefile 
  Added files:
    dns/nsd2/files       patch-vuln 
  Log:
  - Fix a one-byte buffer overflow (vuxml entry coming shortly).
  - Update maintainers address.
  
  PR:             ports/134700
  Submitted by:   Olafur Osvaldsson <osvaldsson@icelandic.net> (maintainer)
  
  Revision  Changes    Path
  1.6       +2 -1      ports/dns/nsd2/Makefile
  1.1       +13 -0     ports/dns/nsd2/files/patch-vuln (new)
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 6 Wesley Shields freebsd_committer freebsd_triage 2009-05-19 18:16:25 UTC 
State Changed
From-To: feedback->closed

Committed. Thanks!