Github bug: https://github.com/samboy/MaraDNS/issues/33
Please go here to get the latest updates from upstream about this issue. On Sat, Dec 3, 2016 at 5:52 AM, Sam Trenholme <mara...@gmail.com> wrote: > Hello there, > > I have just become aware of this bug. Right now, I can reproduce the crash > in Cygwin 64-bit, but am unable to reproduce the crash in my 32-bit CentOS6 > development environment where I would actually be able to get a full stack > trace (which was not provided in the original bug report). Until I can get > a setup to reproduce the crashes in a manner which lets me have full stack > traces, I will not be able to make the appropriate patches to fix the bug. > > There is no money on the table, and I have stopped actively developing > MaraDNS every since becoming a single parent with a full-time job. Welcome > to the world of open source economics: Since I’m not getting paid for my > time writing open-source software, I have very little time to devote to > MaraDNS. > > I will open up a GitHub bug so that users know I am aware of the bug. I do > not have a time frame for fixing the issue at this time. Hopefully by the > end of the year. > > -- Sam > > On Sat, Nov 12, 2016 at 10:18 AM, Luciano Bello <luci...@debian.org> > wrote: > >> Source: maradns >> Severity: grave >> Version: 2.0.13-1.2 >> Tags: security upstream >> >> Hi, >> >> The following vulnerability was published for MaraDNS: >> http://seclists.org/oss-sec/2016/q4/411 >> >> No CVE is was assigned yet, but the request was made in that thread. >> If you fix the vulnerability please also make sure to include the >> CVE (Common Vulnerabilities & Exposures) id in your changelog entry, if >> it is >> assigned soon. >> >> Please adjust the affected versions in the BTS as needed. >> >> Regards,luciano >> >> >
