Bug#647297: marked as done (CVE-2011-3581: heap overflow flaw in ldns_rr_new_frm_str_internal())

Debian Bug Tracking System Sat, 26 Nov 2011 05:57:41 -0800

Your message dated Sat, 26 Nov 2011 13:55:00 +0000
with message-id <e1ruiia-0003eu...@franck.debian.org>
and subject line Bug#647297: fixed in ldns 1.6.6-2+squeeze1
has caused the Debian Bug report #647297,
regarding CVE-2011-3581: heap overflow flaw in ldns_rr_new_frm_str_internal()
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
647297: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=647297
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: ldns
Severity: grave
Tags: security

Please see https://bugzilla.redhat.com/show_bug.cgi?id=741024
http://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=403

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: ldns
Source-Version: 1.6.6-2+squeeze1

We believe that the bug you reported is fixed in the latest version of
ldns, which is due to be installed in the Debian FTP archive:

ldns_1.6.6-2+squeeze1.debian.tar.gz
  to main/l/ldns/ldns_1.6.6-2+squeeze1.debian.tar.gz
ldns_1.6.6-2+squeeze1.dsc
  to main/l/ldns/ldns_1.6.6-2+squeeze1.dsc
ldnsutils_1.6.6-2+squeeze1_amd64.deb
  to main/l/ldns/ldnsutils_1.6.6-2+squeeze1_amd64.deb
libldns-dev_1.6.6-2+squeeze1_amd64.deb
  to main/l/ldns/libldns-dev_1.6.6-2+squeeze1_amd64.deb
libldns1_1.6.6-2+squeeze1_amd64.deb
  to main/l/ldns/libldns1_1.6.6-2+squeeze1_amd64.deb
python-ldns_1.6.6-2+squeeze1_amd64.deb
  to main/l/ldns/python-ldns_1.6.6-2+squeeze1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 647...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý <ond...@debian.org> (supplier of updated ldns package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 23 Nov 2011 08:20:55 +0100
Source: ldns
Binary: libldns1 libldns-dev ldnsutils python-ldns
Architecture: source amd64
Version: 1.6.6-2+squeeze1
Distribution: stable-security
Urgency: low
Maintainer: Ondřej Surý <ond...@debian.org>
Changed-By: Ondřej Surý <ond...@debian.org>
Description: 
 ldnsutils  - ldns library for DNS programming
 libldns-dev - ldns library for DNS programming
 libldns1   - ldns library for DNS programming
 python-ldns - Python bindings for the ldns library for DNS programming
Closes: 647297
Changes: 
 ldns (1.6.6-2+squeeze1) stable-security; urgency=low
 .
   * Fix heap overflow in ldns_rr_new_frm_str_internal [CVE-2011-3581]
     (Closes: #647297)
Checksums-Sha1: 
 38d966c7397493aba0a6a82c88ac6db686453a6e 1217 ldns_1.6.6-2+squeeze1.dsc
 d9615d6d0021ec35fb089635cba6401bc87ac962 955239 ldns_1.6.6.orig.tar.gz
 554f1411c6949cf4be44045c211612faed340ebd 11912 
ldns_1.6.6-2+squeeze1.debian.tar.gz
 1a778e243384b5b3cdbdc07129e1be96db70ff0c 146286 
libldns1_1.6.6-2+squeeze1_amd64.deb
 04f679aa85268238e6a29f64e5ac60164e589a0b 556396 
libldns-dev_1.6.6-2+squeeze1_amd64.deb
 cd32a9c9369c240b2633ce5ba46a5df2e047e41a 153866 
ldnsutils_1.6.6-2+squeeze1_amd64.deb
 5849464ae2ca0cdf7027126e2350917851a50c6d 379378 
python-ldns_1.6.6-2+squeeze1_amd64.deb
Checksums-Sha256: 
 3834e960d3baf7c17c14d880aac2e4100512cfa1e19603bf28731b483aaf2633 1217 
ldns_1.6.6-2+squeeze1.dsc
 04e001d281434debf13d065bddb51d2f26a2427bcf658127bd3690640e7bff41 955239 
ldns_1.6.6.orig.tar.gz
 0a4682d8ce1c551d1e279e83b2db230bc47483f914b4f7449b69976a010bfeb7 11912 
ldns_1.6.6-2+squeeze1.debian.tar.gz
 a1b797c10a1fdc82c34032fdeaef62d230a0fca5b5d11e27c8253ca600fc59f6 146286 
libldns1_1.6.6-2+squeeze1_amd64.deb
 256ec1747c6aba12a8b2d731fd51fc3247f4892325c70f5f6c2792faab1f4751 556396 
libldns-dev_1.6.6-2+squeeze1_amd64.deb
 1c9f93a0206a911642c55ce6e2ab81c9517b12a1c622c6ac7667c094b7a4d3ef 153866 
ldnsutils_1.6.6-2+squeeze1_amd64.deb
 2c448aaf10b4ca9d73c110c4473dfa063b4e2d3dc6775896f487d72b430d8bbf 379378 
python-ldns_1.6.6-2+squeeze1_amd64.deb
Files: 
 c9f2b7d6e8cc2ba0b072288b29bbfd29 1217 net extra ldns_1.6.6-2+squeeze1.dsc
 f2bff31764c98aa69749070a21199164 955239 net extra ldns_1.6.6.orig.tar.gz
 85a1f90c07aab571923051363d5a23ea 11912 net extra 
ldns_1.6.6-2+squeeze1.debian.tar.gz
 c80dc94934dc06b53a7ba72f1760fd86 146286 libs extra 
libldns1_1.6.6-2+squeeze1_amd64.deb
 d4b97291eafcded7de7252f8a49618f4 556396 libdevel extra 
libldns-dev_1.6.6-2+squeeze1_amd64.deb
 13c6b2de832707867d52a7e1f59e4061 153866 net extra 
ldnsutils_1.6.6-2+squeeze1_amd64.deb
 154ec0b3f66958ffd174fab2485ee07e 379378 python extra 
python-ldns_1.6.6-2+squeeze1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk7NAZYACgkQ9OZqfMIN8nO1kgCffSfUWp7TUPTq1iU7+P+Pv2v0
SIUAoKXwrv5BwgKF+mlr3CjTJ3byS6zd
=8irh
-----END PGP SIGNATURE-----

--- End Message ---

Bug#647297: marked as done (CVE-2011-3581: heap overflow flaw in ldns_rr_new_frm_str_internal())

Reply via email to