Your message dated Thu, 20 Jul 2017 19:00:14 +0000
with message-id <e1dyggi-0004xx...@fasolo.debian.org>
and subject line Bug#655220: fixed in curvedns 0.87-1
has caused the Debian Bug report #655220,
regarding ITP: curvedns -- DNS/DNSCurve forwarding name server
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
655220: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655220
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wnpp
Severity: wishlist
Owner: Sergiusz Pawlowicz <deb...@pawlowicz.name>
* Package name : curvedns
Version : 0.87
Upstream Author : CurveDNS developers <curve...@on2it.net>
* URL : http://curvedns.on2it.net/
* License : CurveDNS (retain COPYRIGHT file, public domain)
Programming Lang: C, C++
Description : Forwarding implementation of the DNSCurve protocol
CurveDNS is the first publicly released forwarding implementation that
implements the DNSCurve protocol[0].
DNSCurve uses high-speed high-security elliptic-curve cryptography to
drastically improve every dimension of DNS security:
* Confidentiality: DNS requests and responses today are completely
unencrypted and are broadcast to any attacker who cares to look.
DNSCurve encrypts all DNS packets.
* Integrity: DNS today uses "UDP source-port randomization" and "TXID
randomization" to create some speed bumps for blind attackers, but
patient attackers and sniffing attackers can easily forge DNS records.
DNSCurve cryptographically authenticates all DNS responses, eliminating
forged DNS packets.
* Availability: DNS today has no protection against denial of service.
A sniffing attacker can disable all of your DNS lookups by sending just
a few forged packets per second. DNSCurve very quickly recognizes and
discards forged packets, so attackers have much more trouble preventing
DNS data from getting through. Protection is also needed for SMTP, HTTP,
HTTPS, etc., but protecting DNS is the first step.
What is so special about this implementation is the fact that any
authoritative DNS name server can act as a DNSCurve capable one, without
changing anything on your current DNS environment. The only thing a DNS
data manager (that is probably you) has to do is to install CurveDNS on
a machine, generate a keypair, and update NS type records that were
pointing towards your authoritative name server and let them point to
this machine running CurveDNS. Indeed, it is that easy to become fully
protected against almost any of the currently known DNS flaws, such as
active and passive cache poisoning.
CurveDNS supports:
* Forwarding of regular (non-protected) DNS packets;
* Unboxing of DNSCurve queries and forwarding the regular DNS packets
* Boxing of regular DNS responses to DNSCurve responses;
* Both DNSCurve’s streamlined- and TXT-format;
* Caching of shared secrets;
* Both UDP and TCP;
* Both IPv4 and IPv6.
[0] http://www.dnscurve.org/
--- End Message ---
--- Begin Message ---
Source: curvedns
Source-Version: 0.87-1
We believe that the bug you reported is fixed in the latest version of
curvedns, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 655...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
NEVEU Stephane <stefne...@gmail.com> (supplier of updated curvedns package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 4 Jul 2017 20:40:28 +0200
Source: curvedns
Binary: curvedns
Architecture: source amd64
Version: 0.87-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Tools Packaging Team
<pkg-security-t...@lists.alioth.debian.org>
Changed-By: NEVEU Stephane <stefne...@gmail.com>
Description:
curvedns - DNS/DNSCurve forwarding name server - binaries
Closes: 655220
Changes:
curvedns (0.87-1) unstable; urgency=medium
.
* Initial release (Closes: #655220)
Checksums-Sha1:
908886b4524ba39c4295426f580b7b95a65574ce 1903 curvedns_0.87-1.dsc
5941e53de5836d2cef037b8e45f585762bd6e8df 326900 curvedns_0.87.orig.tar.gz
538b8171848bad331c38419dac13bbbd334a4936 8328 curvedns_0.87-1.debian.tar.xz
c787b09bcae75b7e44f4e35426ffc8b18550b494 64604 curvedns-dbgsym_0.87-1_amd64.deb
fbf5cde0b36320cfa3846452104717aa5ec7a7da 5826 curvedns_0.87-1_amd64.buildinfo
aa59b5e715b310a5066e5223fb5b10489cc178aa 29204 curvedns_0.87-1_amd64.deb
Checksums-Sha256:
5fc962c0636fcd4c8b625629ebd174cf594be8276efcd74789280452a76c5de7 1903
curvedns_0.87-1.dsc
9f45d0324d2917dd93546b0af74428ff50e06293fd4c273b7e5f6b62f88d9e6a 326900
curvedns_0.87.orig.tar.gz
34d49c2cb6b169330451108149bb9bcd4c940485463b801eac2c446e80683b75 8328
curvedns_0.87-1.debian.tar.xz
34a5539d5c24d27090b1da85ff9eda4c7a0c0ff5aa019c68593594b1444bf425 64604
curvedns-dbgsym_0.87-1_amd64.deb
95a12a0a180469b8ab8bbc43371dd44e15dfb40dc953ef476b275d0039f69122 5826
curvedns_0.87-1_amd64.buildinfo
11dd1c22488412d2e1aa39255c42a96f3f07dd308bca24082576b5300d379cf8 29204
curvedns_0.87-1_amd64.deb
Files:
7e2c11cbbf1ef588e2608b787765fb5f 1903 net standard curvedns_0.87-1.dsc
693c8b0e96642dbc3bc2013e5c71fc4f 326900 net standard curvedns_0.87.orig.tar.gz
898ad4a8967bc093c3ce11ba06dca070 8328 net standard
curvedns_0.87-1.debian.tar.xz
56546eba7712966501be8a11e69adb42 64604 debug extra
curvedns-dbgsym_0.87-1_amd64.deb
8f26d831e6e477f6ea1f141eda6b58da 5826 net standard
curvedns_0.87-1_amd64.buildinfo
1bc95e9d175d07b2161d43fc94dcc486 29204 net standard curvedns_0.87-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJZb2F5AAoJEPNPCXROn13ZaagQAKgTDfUZETvIjCk2lKwJf1Hq
QYpEwYlNlw2mK3IsNkJ31A7z8E2eeIZsIcEPWr00TRAb+k/KIdJl8ELJrcZ0ID+P
/YfCILR4EjrlWBFbXb8KyhRcbrK6TpKvTZwZeQBZaEcGH7iz2hCLi8tP8JpEljSc
8Ao81RIM9XMkbK+YJkG9fgHgo+FhSC1jgGoV+0KopZ94RoZhMh+3UggF8or5RTPq
uNy8jWo9stxGtj0878jjMjmvt7hCl2rwMm6kMBEApZEi+90RKrYnyqYGuxak9g3E
dCdF2LgkpvbARKImom9oJ94f3EnuKioxuexqBZs6wVUG94mwvVUz+6MxBGdXsGew
fQ8XUoQaH7sC4lYiwcXucHwmC3lG7GBOnaevXzQZFkxpwBDzfx4ZC9fkb0rDS5Kj
wjmIDJVmnpxpbVN8QjXkdQuzPbRtvYI2Aaj66jBOqG+vE4sF+qpxMxKnStXgMHYM
/EL3FSBOuI6tRFcJ2VlBO3FkeCZTqWCrt9fsXCED69+1k3/mzhzhT9qcTiqcr1bU
tn1pm9s1RrmeaTTx/uzKn3cnJF8EIEpzt46HNY/pFpi6eug6cqvYm0c08Be9agli
ySyM4NW2pVF3Gj/FVd142bkgEcNBrBlZt56wp2fxGA+7fXCJZgzjX747SWmUKk9v
K9hK5f0BDcnP/Rp9UCFr
=S/0+
-----END PGP SIGNATURE-----
--- End Message ---
