Ubuntu Security Notice 3491-1 - Leon Weber discovered that the ldns-keygen tool incorrectly set permissions on private keys. A local attacker could possibly use this issue to obtain generated private keys. This issue only applied to Ubuntu 14.04 LTS. Stephan Zeisberg discovered that ldns incorrectly handled memory when processing data. A remote attacker could use this issue to cause ldns to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed. Continue reading...
