Source: nsd Version: 4.1.26-1 Severity: important Tags: security upstream Forwarded: https://github.com/NLnetLabs/nsd/issues/20 Control: found -1 4.1.14-1
Hi, The following vulnerability was published for nsd. CVE-2019-13207[0]: | nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer | Overflow in the dname_concatenate() function in dname.c. Does not really need a DSA, as the zone parser happens to crash on malformed zone files, hey are read from disk configuration, and cf. https://github.com/NLnetLabs/nsd/issues/20#issuecomment-508370810 . If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-13207 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13207 [1] https://github.com/NLnetLabs/nsd/issues/20 Regards, Salvatore
