Date: Tue, 7 Jul 2015 11:28:48 +0200 From: Pieter Lexis <pieter.lexis@...erdns.com> To: pdns-dev@...lman.powerdns.com, pdns-users Users <pdns-users@...lman.powerdns.com>, pdns-announce@...lman.powerdns.com, oss-security@...ts.openwall.com Subject: Follow up: PowerDNS Security Advisory 2015-01 Hi all, We've updated our security advisory regarding CVE-2015-1868. Toshifumi Sakaguchi discovered that our fix for this CVE was insufficient in some cases with specially crafted packets. Last month we released patched versions and we've now updated the Advisory to reflect this. If you have not updated yet, we advice again to update. 1 - https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ 2 - http://blog.powerdns.com/2015/06/09/authoritative-server-3-4-5-3-3-3-and-recursor-3-7-3-3-6-4-released/ -- Pieter Lexis PowerDNS.COM BV - https://www.powerdns.com [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ