Comment 13 for bug 502987

This bug was fixed in the package pdns-recursor - 3.1.7-5ubuntu0.1

---------------
pdns-recursor (3.1.7-5ubuntu0.1) karmic-security; urgency=low

  * SECURITY UPDATE: first issue is remotely exploitable, likely
    leads to full compromise; second issue allows an attacker to
    spoof domain data for domain names he does not own (LP: #502987)
    - debian/patches/CVE-2009-4009-4010.dpatch: fixes the two
      problems
    - CVE-2009-4009, CVE-2009-4010
 -- Imre Gergely <email address hidden> Wed, 06 Jan 2010 22:19:13 +0200