Comment 0 for bug 297475

Revision history for this message
Fabrice Coutadeur (fabricesp) wrote :

Binary package hint: dns2tcp

As stated in Debian Bug #504121 and Secunia at http://secunia.com/advisories/32514/, there is a security flaw in dns2tcp, with a buffer overflow possibility in dns_decode.c

This flaw has been fixed in upstream 0.4.3 version and in debian, in 0.4.dfsg-4, and the patch has been fixed in 0.4.dfsg-5.

Debian changelog:
dns2tcp (0.4.dfsg-5) unstable; urgency=low

  * Fix dnsbof.diff to add an extra check for total_len.

 -- Arnaud Cornet <email address hidden> Tue, 04 Nov 2008 08:53:43 +0100

dns2tcp (0.4.dfsg-4) unstable; urgency=low

  * Add patch dnsbof.diff to fix a buffer overflow in dns_decode.c (Closes:
    #504121).
  * Add patch sysfix.diff that fixes chroot() and set?id() calls. Also
    makes use of limits to prevent fork of the process.

 -- Arnaud Cornet <email address hidden> Fri, 31 Oct 2008 19:28:28 +0100

Upstream changelog for 0.4.3:
Version 0.4.3
 Fix unsigned int pb and error in dns_decode (John Lampe)
 Fix drop privileges problems (Solar Designer)
 Add limit to prevent fork() (Idea from Solar Designer)

Version 0.4.2
 Suppressed

I compared debian patched version with upstream 0.4.3, and there is no relevant changes to .c files, affecting to security