Sophie

Sophie

distrib > Mageia > 1 > i586 > by-pkgid > b24f4357c8479344be16703c233650c5 > files > 74

pdns-2.9.22-9.mga1.i586.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Security</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="PowerDNS manual"
HREF="index.html"><LINK
REL="UP"
TITLE="The PowerDNS dynamic nameserver"
HREF="powerdns.html"><LINK
REL="PREVIOUS"
TITLE="Release notes"
HREF="changelog.html"><LINK
REL="NEXT"
TITLE="PowerDNS Security Advisory 2006-01: Malformed TCP queries can lead to a buffer overflow which might be exploitable"
HREF="powerdns-advisory-2006-01.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>PowerDNS manual</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="changelog.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 1. The PowerDNS dynamic nameserver</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="powerdns-advisory-2006-01.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="SECURITY-POLICY"
>1.4. Security</A
></H1
><P
>	As of the 11th of November 2006, no actual security problems with PowerDNS 2.9.18, Recursor 3.1.4, or later are known about.  This page 
	will be updated with all bugs which are deemed to be security problems, or could conceivably lead to those. Any such notifications
	will also be sent to all PowerDNS mailinglists.
      </P
><P
>	Version 3.1.3 and earlier of the PowerDNS recursor contain two security issues, both of which can lead to a denial of service, both of which can be triggered
	by remote users. One of the issues might lead be exploited and lead to a system compromise. For more detail, see <A
HREF="powerdns-advisory-2006-01.html"
>Section 1.5</A
> and
	<A
HREF="powerdns-advisory-2006-02.html"
>Section 1.6</A
>.
      </P
><P
>	Version 3.0 of the PowerDNS recursor contains a denial of service bug which can be exploited remotely. This bug, which we believe to only lead to a crash,
	has been fixed in 3.0.1. There are no guarantees however, so an upgrade from 3.0 is highly recommended.
      </P
><P
>	All versions of PowerDNS before 2.9.18 contain the following two bugs, which only apply to installations running with the LDAP backend, or installations providing recursion
	to a limited range of IP addresses. If any of these apply to you, an upgrade is highly advised:
	<P
></P
><UL
><LI
><P
>	      The LDAP backend did not properly escape all queries, allowing it to fail and not answer questions. We have not investigated further risks involved,
	      but we advise LDAP users to update as quickly as possible (Norbert Sendetzky, Jan de Groot)
	    </P
></LI
><LI
><P
>	      Questions from clients denied recursion could blank out answers to clients who are allowed recursion services, temporarily. Reported by Wilco Baan.
	      This would've made it possible for outsiders to blank out a domain temporarily to your users. Luckily PowerDNS would send out SERVFAIL or Refused, and
	      not a denial of a domain's existence.
	    </P
></LI
></UL
>
      </P
><P
>	All versions of PowerDNS before 2.9.17 are known to suffer from remote denial of service problems which can disrupt operation. Please upgrade
	to 2.9.17 as this page will only contain detailed security information from 2.9.17 onwards.
      </P
><P
>	If you have a security problem to report, please email us at both <CODE
CLASS="EMAIL"
>&#60;<A
HREF="mailto:powerdns@powerdns.com"
>powerdns@powerdns.com</A
>&#62;</CODE
> and at
	<CODE
CLASS="EMAIL"
>&#60;<A
HREF="mailto:ahu@ds9a.nl"
>ahu@ds9a.nl</A
>&#62;</CODE
>. We adhere to the <A
HREF="http://www.wiretrip.net/rfp/policy.html"
TARGET="_top"
>Rain Forest Puppy
	  Full Disclosure Policy (RFPolicy) v2.0</A
> and we ask you to do the same.
      </P
><P
>	We remind PowerDNS users that under the terms of the GNU General Public License, PowerDNS comes with ABSOLUTELY NO WARRANTY. 
	This license is included in the distribution and in this documentation, see <A
HREF="license.html"
>Appendix E</A
>.
      </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="changelog.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="powerdns-advisory-2006-01.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Release notes</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="powerdns.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>PowerDNS Security Advisory 2006-01: Malformed TCP queries can lead to a buffer overflow which might be exploitable</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional