From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41940)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1gKVE0-0004nA-Hg
	for guix-patches@gnu.org; Wed, 07 Nov 2018 16:18:59 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1gKV7K-0000z7-Jf
	for guix-patches@gnu.org; Wed, 07 Nov 2018 16:12:06 -0500
Received: from debbugs.gnu.org ([208.118.235.43]:35708)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1gKV7K-0000y8-Ee
	for guix-patches@gnu.org; Wed, 07 Nov 2018 16:12:02 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1gKV7K-0004O5-1g
	for guix-patches@gnu.org; Wed, 07 Nov 2018 16:12:02 -0500
Subject: [bug#33026] [PATCH] gnu: Add pdns.
Resent-Message-ID: <handler.33026.B33026.154162509116823@debbugs.gnu.org>
Date: Wed, 7 Nov 2018 16:11:18 -0500
From: Leo Famulari <leo@famulari.name>
Message-ID: <20181107211118.GA31141@jasmine.lan>
References: <20181012185854.9873-1-me@tobias.gr>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="mYCpIKhGyMATD0i+"
Content-Disposition: inline
In-Reply-To: <20181012185854.9873-1-me@tobias.gr>
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Tobias Geerinckx-Rice <me@tobias.gr>
Cc: 33026@debbugs.gnu.org


--mYCpIKhGyMATD0i+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Fri, Oct 12, 2018 at 08:58:54PM +0200, Tobias Geerinckx-Rice wrote:
> +(define-public pdns
> +  (package
> +    (name "pdns")
> +    (version "4.1.4")

Please update to 4.1.5 before pushing, in order to get fixes for these
bugs:

 * 2018-03: Crafted zone record can cause a denial of service
(CVE-2018-10851, Authoritative)
 * 2018-04: Crafted answer can cause a denial of service
(CVE-2018-10851, Recursor)
 * 2018-05: Packet cache pollution via crafted query (CVE-2018-14626,
Authoritative >= 4.1.0)
 * 2018-06: Packet cache pollution via crafted query (CVE-2018-14626,
Recursor >= 4.0.0)
 * 2018-07: Crafted query for meta-types can cause a denial of service
(CVE-2018-14644, Recursor >= 4.0.0)

https://seclists.org/oss-sec/2018/q4/137

--mYCpIKhGyMATD0i+
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlvjVPYACgkQJkb6MLrK
fwgzmA//biez4qhAlwko3p607AlNHOjMF26WMMmVweKVBtFsQyv1HKU91ioVcR7Q
ZeLRuIrynd2ybc0p/nUf1IOjxEgd4Av1FBNdK71YOsuU+amF+CEu+G4zCW7by9IX
jEIgENeS5jNVesKKg6Pe1hUQrQbkea4Jm/n2kWuEEPap1hTRrOzwBrEkgGFvdqW+
BhOck5trGOC4BRP3WX5S2P3fRU285Xb9JPqTEGoA/vi8gR8FVhIuXpNn9Esx0OYP
Rux+C5sv8RhgkOwRC6j7ez8S+zQfSoM4o/qZPnfgVBpQ6xhsKLVQCVz/tdd7DxDP
Y7aARNRHrSljxfWnfsLTYmFFFiyTKyadulrGQDD7wGiNfg+vAVpyPYLwhEswc7co
E1l8bFzn4Ac5EYrPJeIPDppcvZeUHm0X+dUq9Qv9sMR2/E0au9bGTpGwGUSsdoOi
6BVZKDJfybiq0IwjBvKRNPbfMHAdssfCpvlEjzkplNCcpv1MZI3tpEv8ScG5L3x0
Iaq3DLVCY3KjqPvAg+bwt+ZxFWTVUVsoZfpLjm94nFW9U5tNHP0lLYB8oPMnJxnQ
8i3N1HH2tC7+R6mUsGckhaEWHypdbue+E33xHZOlSdquZHkyxxnYVETQXU7P3LRm
KXVaoMg13R+mRlAFD+umeIn0Dyv6PhjnrZ5jagNjivzpco4Tkc0=
=L7HL
-----END PGP SIGNATURE-----

--mYCpIKhGyMATD0i+--