[SECURITY] [DSA 2353-1] ldns security update

2011-11-27T00:00:00
ID SECURITYVULNS:DOC:27371
Type securityvulns
Reporter Securityvulns
Modified 2011-11-27T00:00:00

Description

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Debian Security Advisory DSA-2353-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff November 24, 2011 http://www.debian.org/security/faq


Package : ldns Vulnerability : buffer overflow Problem type : remote Debian-specific: no CVE ID : CVE-2011-3581 Debian Bug :

David Wheeler discovered a buffer overflow in ldns's code to parse RR records, which could lead to the execution of arbitrary code.

For the oldstable distribution (lenny), this problem has been fixed in version 1.4.0-1+lenny2.

For the stable distribution (squeeze), this problem has been fixed in version 1.6.6-2+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 1.6.11-1.

We recommend that you upgrade your ldns packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk7Ot7kACgkQXm3vHE4uylrSowCffpsMakzfAC5Gk3x6sLCZhzri yCoAn1o67u1L+YmV+qF0hMNfeceT9JcQ =y8ze -----END PGP SIGNATURE-----