[dnsdist] TCP short writes handling issue fixed in master

Remi Gacogne remi.gacogne at powerdns.com
Fri Jul 7 09:11:45 UTC 2017

Hi all,

Yesterday we fixed [1] an issue [2] in dnsdist's TCP handling that could
have led to corrupted responses being sent over TCP.
The issue was introduced in [3] and is not present in any released
version of dnsdist. However if you are running a master version of
dnsdist I would advise to upgrade your packages. Pre-built packages can
be found in our repositories [4] as usual.

This issue requires very large answers from the backend toward the
client to happen, and as such is quite unlikely to occur for anything
else than AXFR answers. The content of corrupted answers is not random
but contain the same data twice, making it unlikely to be mistaken for a
correct DNS answer.

Thanks to Scott McGillivray for reporting the issue.

Best regards,


[1]: https://github.com/PowerDNS/pdns/pull/5501
[2]: https://github.com/PowerDNS/pdns/issues/5494
[3]: https://github.com/PowerDNS/pdns/pull/4985
[4]: https://repo.powerdns.com/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20170707/b8a16341/attachment.sig>

More information about the dnsdist mailing list