• Status Closed
  • Percent Complete
    100%
  • Task Type Securing
  • Category Involved Service
Attached to Section: Dedicated Servers
Opened by Admin - 2014-09-12

FS#1134 - FDNS3+4 Upgrade 3.6.0 -> 3.6.1 CVE-2014-3614

Issue: A specific sequence of packets can crash PowerDNS Recursor 3.6.0 remotely
CVE: CVE-2014-3614
Affected: All deployments of PowerDNS Recursor 3.6.0
Not Affected:
PowerDNS Authoritative Server, PowerDNS Recursor versions other than 3.6.0
Workaround:
1) Only users from netmasks specified in 'allow-from' can cause the crash
2) add automated restarting
Remediation:
Upgrade to 3.6.1, or apply our minimal patch and recompile
Distributions shipping 3.6.0 have been notified and will be providing updates very soon
Closed by Admin
Friday, 12 September 2014, 07:14 GMT
Reason for closing:  Finished
Additional comments about closing:  Upgrade done

Legend

Task Type

The type of the task. normal work for all services

Category

The category of the task. normal work for all services with upcoming tasks / announcements

Summary

A short summary of the task. active issues or failures

Status

The status of the task. service status unknown or not updated yet

Last Edited

The date when the task was last edited.

Progress

The progress of the task in percent.