Stay Secure with the Latest Linux Advisories

security advisoryfedoraDoS

Fedora 28 Security Advisory: dnsdist DoS Issue CVE-2018-14663

Security fix for CVE-2018-14663. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-ef486b9e50 2018-12-01 02:04:47.628884 --------------------------------------------------------------------------------Name : dnsdist Product : Fedora 28 Version : 1.3.3 Release : 1.fc28 URL : https://www.dnsdist.org/index.html Summary : Highly DNS-, DoS- and abuse-aware loadbalancer Description : dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2018-14663 --------------------------------------------------------------------------------ChangeLog: * Sun Nov 18 2018 Sander Hoentjen - 1.3.3-1 - Update to 1.3.3 - Fixes CVE-2018-14663 * Thu Jul 12 2018 Fedora Release Engineering - 1.3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Jun 6 2018 Ruben Kerkhof - 1.3.0-2 - Fix sigabrt on TCP query (https://github.com/PowerDNS/pdns/issues/6712) * Thu May 31 2018 Ruben Kerkhof - 1.3.0-1 - Upstream released new version - Enable DNS over TLS --------------------------------------------------------------------------------References: [ 1 ] Bug #1649052 - CVE-2018-14663 dnsdist: Record smuggling when adding ECS or XPF [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1649052 [ 2 ] Bug #1599927 - dnsdist-1.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1599927 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-ef486b9e50' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Patch for dnsdist resolves CVE-2018-14663, strengthening defenses against DNS exploitation and denial-of-service assaults.. dnsdist Security Update,Fedora 28 Security Patch,DoS Protection. . Severity: Critical. LinuxSecurity.com Team

Dec 01, 2018 •Critical Fedora