[nsd-users] NSD 3.2.2 release [critical]
Paul Wouters
paul at xelerance.com
Tue May 19 00:10:28 UTC 2009
On Mon, 18 May 2009, Matthijs Mekking wrote:
> We have released version 3.2.2. of NSD. This is *critical* bugfix
> release. One of the bugs is a one-byte buffer overflow that allows a
> carefully crafted exploit to take down your name-server. It is highly
> unlikely that the one-byte-off issue can lead to other (system) exploits.
I'm pushing updates to Fedora/EPEL right now...
I did have to add the following patch to prevent the rundir from being
created twice (rpmbuild aborts on that):
--- nsd-3.2.2/Makefile.in 2009-04-03 07:56:43.000000000 -0400
+++ nsd-3.2.2-fix/Makefile.in 2009-05-18 17:39:19.777532510 -0400
@@ -318,7 +318,7 @@ nsd.conf.sample: $(srcdir)/nsd.conf.samp
install: all
$(INSTALL) -d $(DESTDIR)$(sbindir)
$(INSTALL) -d $(DESTDIR)$(configdir)
- $(INSTALL) -d $(DESTDIR)$(piddir)
+# $(INSTALL) -d $(DESTDIR)$(piddir)
$(INSTALL) -d $(DESTDIR)$(dbdir)
$(INSTALL) -d $(DESTDIR)$(mandir)
$(INSTALL) -d $(DESTDIR)$(mandir)/man8
Paul
More information about the nsd-users
mailing list