From: Peter van Dijk Date: Thu, 25 Sep 2014 14:54:19 +0000 (+0200) Subject: update canary X-Git-Tag: auth-3.4.0~17 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=014722b01b0f75b97678fc1b25848ff9381da2e6;p=thirdparty%2Fpdns.git update canary --- diff --git a/pdns/docs/pdns.xml b/pdns/docs/pdns.xml index 3f8e953735..72c4309067 100644 --- a/pdns/docs/pdns.xml +++ b/pdns/docs/pdns.xml @@ -11156,10 +11156,13 @@ name IN A 192.0.2.4 - As of the 9th of January 2012, no actual security problems with PowerDNS 2.9.22.5, 3.0.1, Recursor 3.1.7.2, or later are known about. This page + As of the 25th of September 2014, no actual security problems with PowerDNS 2.9.22.5, 3.0.1, Recursor 3.1.7.2, or later are known about, with the exception of Recursor 3.6.0 specifically. This page will be updated with all bugs which are deemed to be security problems, or could conceivably lead to those. Any such notifications will also be sent to all PowerDNS mailing lists. + + Version 3.6.0 of the Recursor (but not 3.5.x) can be crashed remotely with a specific packet sequence. For more detail, see . + Versions 2.9.22 and lower and 3.0 of the PowerDNS Authoritative Server were vulnerable to a temporary denial of service attack. For more detail, see . @@ -11174,7 +11177,7 @@ name IN A 192.0.2.4 Version 3.1.3 and earlier of the PowerDNS recursor contain two security issues, both of which can lead to a denial of service, both of which can be triggered - by remote users. One of the issues might lead be exploited and lead to a system compromise. For more detail, see and + by remote users. One of the issues might be exploited and lead to a system compromise. For more detail, see and .