I know, I was thinking about -backports , too. Opened a bugreport for it
(bug #888627). Thanks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/502987
Title:
PowerDNS Recursor Critical Securit
Imre, we can't backport the full release to hardy from precise in a
security update, but you can use hardy-backports for this (conceivably).
I suggest you contact the backporters team.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug re
As I don't thing we will get a patch for Hardy for this bug, would it be
possible to backport 3.3-2 from Precise? At least that way anyone who
really wants a new and fixed version and is still using Hardy, they
could install it from -backports.
I have 3.3-1 'backported' in my PPA, and if I'm not m
Correct, we're still waiting for a patch for the version in Hardy. Because of
the greater version difference, an easy patching is not possible (at least not
something I could do, as I'm not that familiar with the code).
I will contact upstream again, and if it can't be arranged in a short while,
Lucid now has 3.1.7.2-1.
** Changed in: pdns-recursor (Ubuntu Lucid)
Status: Confirmed => Fix Released
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
https://bugs.launchpad.net/bugs/502987
You received this bug notification because you are a member of Ubuntu
Bugs, which is a
Removed assignee that was added by r12056.
The nominations may not be appropriate. Please investigate and fix as
appropriate.
** Changed in: pdns-recursor (Ubuntu Lucid)
Assignee: Imre Gergely (cemc) => (unassigned)
** Changed in: pdns-recursor (Ubuntu Hardy)
Assignee: Imre Gergely (c
I see this has been nominated for dapper. Any plans for an update or
backport?
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
https://bugs.launchpad.net/bugs/502987
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-b
** Changed in: pdns-recursor (Ubuntu Hardy)
Assignee: Ubuntu Security Team (ubuntu-security) => Imre Gergely (cemc)
** Changed in: pdns-recursor (Ubuntu Lucid)
Assignee: Ubuntu Security Team (ubuntu-security) => Imre Gergely (cemc)
--
PowerDNS Recursor Critical Security Issue - PDNS-20
** Changed in: pdns-recursor (Ubuntu Hardy)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
** Changed in: pdns-recursor (Ubuntu Lucid)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
https://
** Changed in: pdns-recursor (Ubuntu Hardy)
Status: New => Confirmed
** Changed in: pdns-recursor (Ubuntu Lucid)
Status: New => Confirmed
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
https://bugs.launchpad.net/bugs/502987
You received this bug notification because yo
** Branch linked: lp:ubuntu/intrepid-security/pdns-recursor
** Branch linked: lp:ubuntu/jaunty-security/pdns-recursor
** Branch linked: lp:ubuntu/karmic-updates/pdns-recursor
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
https://bugs.launchpad.net/bugs/502987
You received this bug
This bug was fixed in the package pdns-recursor - 3.1.7-1ubuntu0.1
---
pdns-recursor (3.1.7-1ubuntu0.1) intrepid-security; urgency=low
* SECURITY UPDATE: first issue is remotely exploitable, likely
leads to full compromise; second issue allows an attacker to
spoof domain dat
This bug was fixed in the package pdns-recursor - 3.1.7-2ubuntu0.1
---
pdns-recursor (3.1.7-2ubuntu0.1) jaunty-security; urgency=low
* SECURITY UPDATE: first issue is remotely exploitable, likely
leads to full compromise; second issue allows an attacker to
spoof domain data
This bug was fixed in the package pdns-recursor - 3.1.7-5ubuntu0.1
---
pdns-recursor (3.1.7-5ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: first issue is remotely exploitable, likely
leads to full compromise; second issue allows an attacker to
spoof domain data
Thanks! I've uploaded them to the security queue now.
** Changed in: pdns-recursor (Ubuntu Jaunty)
Status: In Progress => Fix Committed
** Changed in: pdns-recursor (Ubuntu Intrepid)
Status: In Progress => Fix Committed
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
Attached debdiff for Intrepid, built, tested and working. Patch was the
same as above because Intrepid too has version 3.1.7.
** Attachment added: "debdiff for intrepid"
http://launchpadlibrarian.net/37521051/pdns-recursor_3.1.7-1ubuntu0.1.debdiff
--
PowerDNS Recursor Critical Security Issue
Re-added the debdiff for Jaunty (which corrected changelog).
** Attachment removed: "pdns-recursor debdiff for jaunty"
http://launchpadlibrarian.net/37520621/pdns-recursor_3.1.7-2ubuntu0.1.debdiff
** Attachment added: "debdiff for jaunty"
http://launchpadlibrarian.net/37520802/pdns-recursor
Attached debdiff for Jaunty, same patch works because Jaunty also has
version 3.1.7. It's building and working OK.
Also fixed the initscript, which prevented the current package to be
upgraded/removed.
See: https://bugs.launchpad.net/ubuntu/+source/pdns-recursor/+bug/403957
** Attachment added:
Interesting enough, this probably makes Ubuntu the first distribution to
ship an update, even though pdns-recursor is in Universe ;-)
Many thanks!
On Wed, Jan 06, 2010 at 10:51:26PM -, Kees Cook wrote:
> Thanks, this looks good to me. I've uploaded it to the security queue
> now.
>
> ** Cha
Thanks, this looks good to me. I've uploaded it to the security queue
now.
** Changed in: pdns-recursor (Ubuntu Karmic)
Status: In Progress => Fix Committed
** Changed in: pdns-recursor (Ubuntu Hardy)
Status: Triaged => New
** Changed in: pdns-recursor (Ubuntu Intrepid)
Sta
It looks good - if all you did was remove the bits about #if 0 and
getDirect, then it can't be wrong .
On Wed, Jan 06, 2010 at 10:33:02PM -, Imre Gergely wrote:
> I've cleaned up the debdiff, should be smaller and more clear now.
> (Tested this one and it builds and seems to work ok.)
>
> Pl
I've cleaned up the debdiff, should be smaller and more clear now.
(Tested this one and it builds and seems to work ok.)
Please take a look. I'll go on to Jaunty and Intrepid if everything's
fine with this one.
** Attachment removed: "pdns-recursor_3.1.7-5ubuntu0.1.debdiff"
http://launchpadlib
To repeat a bit of the IRC discussion: patch looks generally good, but
it would be better if it did not include the code clean-ups (dropping
unused functions, removing #if 0 code, etc). This will make reviewing,
backporting, and possible regression handling easier.
** Also affects: pdns-recursor
For Lucid we should wait for Debian, then sync.
This bug affects Karmic, Jaunty, Intrepid and Hardy as well (the all
have pdns-recursor <= 3.1.7), for those I'm working on a patch.
See attached debdiff against latest Karmic package (3.1.7-5).
- package was built in a clean pbuilder environment, i
** Changed in: pdns-recursor (Ubuntu)
Assignee: (unassigned) => Imre Gergely (cemc)
** Changed in: pdns-recursor (Ubuntu)
Status: New => In Progress
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
https://bugs.launchpad.net/bugs/502987
You received this bug notification b
This is public now:
http://mailman.powerdns.com/pipermail/pdns-
users/2010-January/006410.html
** Visibility changed to: Public
--
PowerDNS Recursor Critical Security Issue - PDNS-2010-01
https://bugs.launchpad.net/bugs/502987
You received this bug notification because you are a member of Ubun
26 matches
Mail list logo
