[MacPorts] #50530: Malformed packets could cause the OpenDNS deviceid, OpenDNS set-client-ip, blocking and AAAA blocking plugins to use uninitialized pointers, leading to a denial of service or possibly code execution.
MacPorts
noreply at macports.org
Wed Feb 3 12:17:16 PST 2016
#50530: Malformed packets could cause the OpenDNS deviceid, OpenDNS set-client-ip,
blocking and AAAA blocking plugins to use uninitialized pointers, leading
to a denial of service or possibly code execution.
------------------------------------+--------------------------------
Reporter: gavin@… | Owner: macports-tickets@…
Type: defect | Status: new
Priority: High | Milestone:
Component: ports | Version: 2.3.4
Keywords: Security Vulnerability | Port: dnscrypt-proxy
------------------------------------+--------------------------------
According to (https://github.com/jedisct1/dnscrypt-
proxy/releases/tag/1.6.1)
Malformed packets could cause the OpenDNS deviceid, OpenDNS set-client-ip,
blocking and AAAA blocking plugins to use uninitialized pointers, leading
to a denial of service or possibly code execution.
The vulnerable code is present since dnscrypt-proxy 1.1.0.
OpenDNS users and people using dnscrypt-proxy in order to block domain
names and IP addresses should upgrade as soon as possible.
Please update the port when possible. Thanks.
--
Ticket URL: <https://trac.macports.org/ticket/50530>
MacPorts <https://www.macports.org/>
Ports system for OS X
More information about the macports-tickets
mailing list