Commit | Line | Data |
---|---|---|
b4588d5c GP |
1 | djbdns (1:1.05-6) unstable; urgency=medium |
2 | ||
3 | CVE-2008-4392 reports 'Rapid DNS Poisoning in dnscache', the dnscache | |
4 | program included in djbdns-1.05. Upstream's comments on this can be | |
5 | read in http://cr.yp.to/djbdns/forgery.html | |
6 | ||
7 | The dbndns package, the Debian fork of djbdns, includes a patch that | |
8 | limits concurrent outgoing SOA queries to 20 instead 200 (MAXUDP) to | |
9 | make birthday attacks more difficult. | |
10 | ||
11 | -- Gerrit Pape <pape@smarden.org> Mon, 16 Mar 2009 23:00:06 +0000 | |
12 | ||
13 | djbdns (1:1.05-1) unstable; urgency=low | |
14 | ||
15 | With the djbdns package being put into the public domain by the | |
16 | upstream author, djbdns is now available as binary package in | |
17 | Debian/main. | |
18 | ||
19 | Please note that this new binary package differs from the package | |
20 | created through the djbdns-installer package available in | |
21 | Debian/non-free; most notably this package depends on a different | |
22 | version of the daemontools package, and installs the programs into | |
23 | a different path (now /usr/bin/). The latter change most probably | |
24 | requires adapting the paths in the ./run scripts in already existing | |
25 | service directories. | |
26 | ||
27 | If you don't want to upgrade to the new binary package, you should | |
28 | stop the installation, and put djbdns on hold, as described in | |
29 | ||
30 | http://www.debian.org/doc/FAQ/ch-pkg_basics.en.html#s-puttingonhold | |
31 | ||
32 | -- Gerrit Pape <pape@smarden.org> Mon, 25 Feb 2008 21:44:02 +0000 | |
33 |