Re: Bug#653838: Inadequate source of entropy in recursive queries: maradns
To add even more confusion:
I did a final tweak to the hash compression function yesterday.
TL;DR summary: Use MaraDNS 1.3.07.14, 1.4.10, any 2.0 release, or
apply this patch to an older release of MaraDNS:
I made one release, realized that had problems, made another release
the next day, realized *that* had problems, and made a (hopefully
final) third update yesterday:
2012/1/14 Julien Cristau <firstname.lastname@example.org>:
> On Thu, Jan 12, 2012 at 22:55:10 +0000, Nicholas Bamber wrote:
>> Comments below. What is the next step?
> On http://security-tracker.debian.org/tracker/source-package/maradns I
> see three issues: CVE-2011-5055, CVE-2011-5056 and CVE-2012-0024. Which
> one is this fixing, and what's the status of the 2011-505* ones in
> unstable? They're listed as unfixed in the tracker.