-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 18 Jun 2023 14:54:22 +0000 Source: maradns Architecture: source Version: 2.0.13-1.2+deb10u1 Distribution: buster-security Urgency: medium Maintainer: Dariusz Dwornikowski <dariusz.dwornikowski@cs.put.poznan.pl> Changed-By: Bastien Roucariès <rouca@debian.org> Closes: 1033252 1035936 Changes: maradns (2.0.13-1.2+deb10u1) buster-security; urgency=medium . * Non-maintainer upload by the LTS Security Team. * CVE-2023-31137: A remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination. (Closes: #1035936) * CVE-2022-30256: A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names. (Closes: #1033252) Checksums-Sha1: 1f7ae69fa20f01b1e73ce7453fdf2ddff88906aa 2165 maradns_2.0.13-1.2+deb10u1.dsc 3fde455f7a3fa4242680840509e12e9cb790acde 1148494 maradns_2.0.13.orig.tar.bz2 e124ee534af1daae5621dbfd922d0893037fd9ce 45196 maradns_2.0.13-1.2+deb10u1.debian.tar.xz e3e13875fc8827ae2f6774fa56a2980a74c62fe2 8838 maradns_2.0.13-1.2+deb10u1_amd64.buildinfo Checksums-Sha256: f5d26b3271471259b582b47cb064cd83aad1138e62baededbedd3df5b8c0e610 2165 maradns_2.0.13-1.2+deb10u1.dsc 661ea06fb18df6d2469b2bf824ffd93545a091af185362cbc738d1aa408210c3 1148494 maradns_2.0.13.orig.tar.bz2 a608d1a0938fbefbc0cf2b42133ef9737cc7ff362d5d9de9c38b8bec13730e5f 45196 maradns_2.0.13-1.2+deb10u1.debian.tar.xz 1150105ac06e8ee18aa636913d8dc1b5d1d65d648b2166cbe39b50a010823910 8838 maradns_2.0.13-1.2+deb10u1_amd64.buildinfo Files: 9a90ee5387cbb6159191534a7db73600 2165 net extra maradns_2.0.13-1.2+deb10u1.dsc b72f61b3b942d971712cf0f0a68a2966 1148494 net extra maradns_2.0.13.orig.tar.bz2 663786cb182712ebab2e7f4af6dc8bd2 45196 net extra maradns_2.0.13-1.2+deb10u1.debian.tar.xz 4eb2d20078cfcfd94f42bbbc55f90e2a 8838 net extra maradns_2.0.13-1.2+deb10u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmSPg9ERHHJvdWNhQGRl Ymlhbi5vcmcACgkQADoaLapBCF8UEhAAlxQ8ROP4U9YQ/2a1CcgWj/fLm/h9i+91 sUUhAY0J5KQT3zeaTPZ1kIzICo+7ppVS6jiFOrYS5dS4dE3q+7BVdsL/ZCTDf28y 48rKrfCQXwp9xClZfNRv0ERpCxOeqzZhbUUbLRZG+fEYBrIYGrbYj9Va2mt3W4ux 2/9DTe3YWfb6x2eAhzJsFOcXQi7bmyarulmNAw5kdkBnOPwgl6HJNlyqTLZYrYLf 6AaAWNlXXNgiWxURSfV4cc75E7z/KyyPvdY3nuCCXoib839MB75dOschQH8prThM 4QvuWZy6tMIIhyqtPOKEXlAOQ4jsjVWwfOyh/3YYZZc3s7mU61Oi+SAdVfDT40Lh FwDOh2/FNI8yLcjAy8tr20YyHt3Qi8gQXZDdshBq4h/zRthW47M9I+TNuKM5hKIg K7SNruh7DrYoEYar9jkNLxeKj0PRbzAk98t1a3EKUPa1snWZX3Bej4W8ZJ4GuTo3 6YVxlUWIu9m/4gcRDXEGE2MivdpjHVWb/3QJMPWrB2v+u2p5TopAsjVhrSkI1ggh eHIYXP0ph+wcloXnVApEgqlIAcf9r8EZMFM7vG08bJ96SQnaRsyvCrmX04hi5oUs vTtXgv/saH+lYUF2DlLFu8eFzsbpwaOx06NqQyGygAdOkXc0/A/uP1VjRIZ7FK54 r3vo7QrjfTc= =0kv6 -----END PGP SIGNATURE-----
