[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 18 Apr 2015 23:02:24 +0200
From: Laurent Bercot <ska-dietlibc@...rnet.org>
To: musl@...ts.openwall.com
Subject: Re: Re: Security advisory for musl libc - stack-based buffer
overflow in ipv6 literal parsing [CVE-2015-1817]
On 18/04/2015 21:56, Rich Felker wrote:
> mail.aerifal.cx 74177 IN A 216.12.86.13
>
> I don't see any CNAMEs involved. Can you show me where the CNAME is
> coming from?
There must be something poisoning caches somewhere, or you changed
something recently.
Initially, here's what I had in my cache:
$ s6-dnsqr a mail.aerifal.cx
74 bytes, 1+2+0+0 records, response, rd, ra, noerror
query: 1 mail.aerifal.cx.
answer: mail.aerifal.cx. 76356 CNAME brightrain.aerifal.cx.
answer: brightrain.aerifal.cx. 76356 A 216.12.86.13
Then I flushed my cache, and I got the correct result:
$ s6-dnsqr a mail.aerifal.cx
49 bytes, 1+1+0+0 records, response, rd, ra, noerror
query: 1 mail.aerifal.cx.
answer: mail.aerifal.cx. 86400 A 216.12.86.13
I have no idea how the CNAME made it into my cache in the first
place. The .cx nameservers all correctly delegate without answering.
But since Harald saw the same thing as I did, I think it warrants
further investigation.
(It's DNS, so it sucks. That's to be expected.)
--
Laurent
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
