Updated pdns packages fix security vulnerability
Publication date: 24 May 2018Modification date: 24 May 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1046
Description
A stack-based buffer overflow in the dnsreplay tool occurring when
replaying a specially crafted PCAP file with the `--ecs-stamp` option
enabled, leading to a denial of service or potentially arbitrary code
execution (CVE-2018-1046).
References
- https://bugs.mageia.org/show_bug.cgi?id=23009
- http://openwall.com/lists/oss-security/2018/05/09/2
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-02.html
- https://blog.powerdns.com/2018/05/08/authoritative-server-4-1-2-released/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1046
SRPMS
6/core
- pdns-4.1.2-1.mga6