Source: djbdns Followup-For: Bug #516394 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Hi, regarding this bug: It seems that the the German Chaos Computer Clubs' DNS got be owned due to this bug. [1] It might be argueable if DNS is generally broken or not, but according [2] and the fact that the attack indeed happened sheds a bad light on djbdns -- patches are available since 5 years! So *please* fix this issue (patches are available!) or remove djbnds from Debian. Reasons would be RoQA, RC buggy since years, dead upstream, better alternatives available. i I'd incline removal, at least of the original version (if the fork is not affected) - -- coldtobi [1] (Sorry, German) http://www.heise.de/newsticker/meldung/DNS-Server-des-CCC-Anfaellig-wegen-veralteter-Software-2112171.html [2] http://www.your.org/dnscache/djbdns.pdf - -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJS/R0xAAoJEJFk+h0XvV02/m0P/16ELF+KNknU2zoABF1CzIAu GjOXvw888/45EJ7EqKVPhNATVsOVmMmrSFzl/ije8QpEusozBirT8x5IGPgEDrs9 7tjZ9qDUaHobBqqRtq/P/EuRSf01jtWOCVzjUowuQTBLCx2cUn5JV39zz5ZAB/pw x5BzYnZmZdGeyUlENaYHqj+cowY+2a3E9gPaifSMT1/naZODcxdsVPohFZlfJO9a ysKzr9dXaXeXOqGJfRPnR1fT+2XqIK5ncGh00cVrAmZBCscQdnl+aUmCYYaZnycX lQjjNpm0iWCZ0Ugivgr/wa5TI6MiZ95vG5tkoJ19B3A824lmpdF3zTMIVPsvA7Fn 2sE23dCQrQ2U6gR9pRzdm+BqcrBr2+8fn7Bbymc0nPxAgvqJ3oK5ktRTR5MHuQaB meaceNqhrVIA3PUZcpqXH/aHPhzeQT2ObI++7U4BVZVryQGB7FrM8AfJsmW910hA wXRbhZPQTAffHeyW87gtvpfmmB5KJntw4/X/MACnbH2AfzJgO+2tmCgGO65xNDC4 FWaz6qp/EJu1Y7+LvRXUXU7LOT2e1Xi7rEF7YNRe/BXtN3TVoEyrkJZzIE6Id7GK mw1YbCmkcsnwXuZBvfIerAr17o9Lbb/DiyJmxHMtaFhDSAGJz+Zlr2kWZija09jg ocwHUmeyCQu77e42EfPP =iphY -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
