systemd-resolved crashes parsing a simple answer w/o question section. Poettering lashes out at CVE assignment.https://github.com/systemd/systemd/pull/5998 …
-
-
Replying to @FiloSottile
And I don't even have to think hard how a way to flush the cache is relevant in a DNS poisoning attack.
1 reply 1 retweet 19 likes -
Replying to @andreasdotorg @FiloSottile
Why flush cache to poison? If you can exec code as resolver just return whatever results you want. Can even set dnssec sig valid bit.
2 replies 0 retweets 0 likes
Replying to @RichFelker @FiloSottile
Well, the code execution bug is a different bug than the one referred to above. It's not like systemd had only one in stock.
7:23 AM - 30 Jun 2017
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.