Package: adns Version: 1.4-0.1 Severity: important Tags: security Hi,
From inspecting the code of ands, it seems that it is not using the recommended source port randomisation for countering the cache poisoning attack as discovered by Dan Kaminski and referenced as CVE-2008-1447. Since this is a stub resolver the risk is lesser than for caching nameservers, but nonetheless this is an issue which we really should be fixing in lenny. Can you please look into that? As it seems a fix for important bugs can still be granted a freeze exception. If a straghtforward fix is available for etch, it would be released by the security team. thanks, Thijs
pgpZA6EejRLE9.pgp
Description: PGP signature
