Package: nsd3
Version: 3.0.7-3.lenny1
Severity: grave
Tags: security

Dear NSD users and maintainers,
We have released version 3.2.2 of NSD. This is a *critical* bugfix release. One of the bugs is a one-byte buffer overflow that allows a carefully crafted exploit to take down your name-server. It is highly unlikely that the one-byte-off issue can lead to other (system) exploits. The bug affects all versions of NSD 2.0.0 to 3.2.1. Whether the bug can be exploited depends on various aspects of the OS and is therefore distribution and compiler dependent.

For more information: http://www.nlnetlabs.nl/publications/NSD_vulnerability_announcement.html

We strongly recommend that you update your systems to the latest version. If you have reasons for not running the latest version of NSD, we strongly advise you to at least apply the patch that resolves the critical bug.

The source and patches are available at our website:
http://www.nlnetlabs.nl/downloads/nsd/nsd-3.2.2.tar.gz
http://www.nlnetlabs.nl/downloads/nsd/nsd-3.2.1-vuln.patch
http://www.nlnetlabs.nl/downloads/nsd/nsd-2.3.7-vuln.patch

SHA1 checksum (source): 23fc0be5d447ea852acd49f64743c96403a091fa
SHA1 checksum (patch 3.2.1): 20cb9fc73fae951a9cc25822c48b17ca1d956119
SHA1 checksum (patch 2.3.7): 94887d212621b458a86ad5b086eec9240477

Note that NSD 2.X is feature frozen and security patches may not be made available in future events.

We acknowledge and thank Ilja von Sprundel of IOActive for finding and reporting this bug.

Matthijs Mekking
NLnet Labs

RELNOTES:

BUG FIXES:
- Off-by-one buffer overflow fix while processing the QUESTION section.
- Return BADVERS when NSD does not implement the VERSION level of the request, instead of 0x1<FORMERR>.
- Bugfix #234.
- Bugfix #235.
- Reset 'error occurred' after notifying an error occurred at the $TTL or $ORIGIN directive (otherwise, the whole zone is skipped because the error is reset after reading the SOA).
- Minor bugfixes.
-- 
Ondřej Surý <ond...@sury.org>
http://blog.rfc1925.org/
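As an added example, not part of the bug report and not NLnet Labs' own tooling, the following POSIX shell helper checks a downloaded NSD tarball or patch against the SHA1 digests published in the advisory before the patch is applied or the source is built. It assumes `sha1sum` (coreutils) or `shasum` is on PATH and that the files are in the current directory. A digest that is not exactly 40 hex digits is refused rather than compared; note that the patch 2.3.7 digest as reproduced above is only 36 hex digits long, so pasting that line as-is fails closed instead of passing a partial string to the comparison.

```shell
#!/bin/sh
# Added example (not from the advisory or the NSD project): verify downloads
# against the SHA1 digests published in the announcement before using them.
# Assumes sha1sum (coreutils) or shasum is available.

# Print the SHA1 hex digest of a file.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | cut -d' ' -f1
    else
        shasum -a 1 "$1" | cut -d' ' -f1
    fi
}

# verify_sha1 FILE EXPECTED
# Exit status: 0 when FILE's SHA1 equals EXPECTED (case-insensitive),
#              1 on mismatch or missing file,
#              2 when EXPECTED is not a well-formed 40-hex-digit digest
#                (e.g. a checksum that was truncated when the mail was copied).
verify_sha1() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case $expected in
        ''|*[!0-9a-f]*)
            echo "malformed digest for $file: not hexadecimal" >&2
            return 2 ;;
    esac
    if [ "${#expected}" -ne 40 ]; then
        echo "malformed digest for $file: expected 40 hex digits, got ${#expected}" >&2
        return 2
    fi
    if [ ! -f "$file" ]; then
        echo "missing file: $file" >&2
        return 1
    fi
    actual=$(sha1_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK   $file"
        return 0
    fi
    echo "FAIL $file: got $actual, expected $expected" >&2
    return 1
}

# Digests exactly as published in the advisory above. The third one is
# incomplete on the page, so verify_sha1 refuses it rather than guessing.
# Usage: source this file in the download directory and run verify_downloads.
verify_downloads() {
    rc=0
    verify_sha1 nsd-3.2.2.tar.gz     23fc0be5d447ea852acd49f64743c96403a091fa || rc=1
    verify_sha1 nsd-3.2.1-vuln.patch 20cb9fc73fae951a9cc25822c48b17ca1d956119 || rc=1
    verify_sha1 nsd-2.3.7-vuln.patch 94887d212621b458a86ad5b086eec9240477     || rc=1
    return $rc
}
```

Only after `verify_downloads` reports OK for the artefact you intend to use should the patch be applied or the tarball unpacked; a FAIL or a malformed-digest report means the file, or the checksum line, should be re-obtained from the vendor page rather than trusted.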