[nsd-users] Fedora/EPEL and NSD 3.2.13 emergency release
Paul Wouters
paul at nohats.ca
Fri Jul 27 12:22:48 UTC 2012
On Fri, 27 Jul 2012, Matthijs Mekking wrote:
> There is a emergency release for nsd: 3.2.13. It is available here:
>
> www: http://nlnetlabs.nl/downloads/nsd/nsd-3.2.13.tar.gz
> sha1: 2cb44f75e9686fd73c7ee9765857a36a8fe5bca9
>
> NSD 3.2.11 and 3.2.12 are vulnerable to a denial of service attack if
> and only if you have enabled per zone stats (--enable-zone-stats,
> default off) [VU#517036 CVE-2012-2979 ].
Fedora and EPEL releases are not vulnerable. Builds will be made today of
3.2.13. You should however, upgrade to 3.2.12 if you haven't yet. Since
the official feedback has not reached the treshhold yet, you will need
to install these with "yum install nsd --enablerepos=updates-testing".
If you have installed 3.2.12 and not yet left feedback, please see:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6453/nsd-3.2.12-1.el6
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-6419/nsd-3.2.12-1.el5
Paul
More information about the nsd-users
mailing list