[Pdns-users] PowerDNS Security Advisory 2012-01: Denial of Service vulnerability in most versions of the PowerDNS Authoritative Server
Peter van Dijk
peter.van.dijk at netherlabs.nl
Tue Jan 17 20:40:52 UTC 2012
Hello Nils,
On Jan 17, 2012, at 20:51 , Nils Breunese (Lemonbit) wrote:
> Peter van Dijk wrote:
>
>> On Jan 12, 2012, at 8:09 , Nick Milas wrote:
>>
>>> I haven't been able to find 2.9.22.5 binary packages (RHEL/CENTOS 5, 64bit) on any of the repos.
>>>
>>> Could someone please provide some guidance to find these packages?
>>
>> They are at http://downloads.powerdns.com/releases/rpm/, the one for you is http://downloads.powerdns.com/releases/rpm/pdns-static-2.9.22.5-1.x86_64.rpm
>>
>> HOWEVER! We will be rolling 2.9.22.6 this week to fix a bug in .5 which can cause crashes when using it as an AXFR slave.
>
> Was this crashing bug introduced in 2.9.22.5 or was this a previously existing bug?
Between 2.9.22 and 2.9.22.5, there have been a few commits on the 2-9-22-x branch. Several users have rolled their own 2.9.22.x off of that branch (this is why we called this update .5). We expected all changes on that branch to be fully stable, but as we found out now, one of those changes introduced a problem that can cause crashing slaves.
So, to most users, .5 introduces this crashing bug.
Kind regards,
Peter van Dijk
More information about the Pdns-users
mailing list