-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2196-1 security@debian.org http://www.debian.org/security/ Raphael Geissert March 19, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : maradns Vulnerability : buffer overflow Problem type : remote Debian-specific: no CVE ID : CVE-2011-0520 Debian Bug : 610834 Witold Baryluk discovered that MaraDNS, a simple security-focused Domain Name Service server, may overflow an internal buffer when handling requests with a large number of labels, causing a server crash and the consequent denial of service. For the oldstable distribution (lenny), this problem has been fixed in version 1.3.07.09-2.1. For the stable distribution (squeeze) and greater this problem had already been fixed in version 1.4.03-1.1. We recommend that you upgrade your maradns packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk2FQTsACgkQYy49rUbZzlpDtgCdHI7IY/22FzcEVCRlkQjU4Ui9 ScwAn1ZJ8Rg/ZZXOUGlt6Ueohfdvq2tq =/024 -----END PGP SIGNATURE-----