openSUSE-SU-2020:0698-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2020:0698-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2020:0698-1
- Related
- Published
- 2020-05-23T07:22:00Z
- Modified
- 2020-05-23T07:22:00Z
- Summary
- Security update for pdns-recursor
- Details
-
This update for pdns-recursor fixes the following issues:
- update to 4.1.16
- fixes an issue where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated (CVE-2020-12244, boo#1171553)
- fixes an issue where invalid hostname on the server can result in disclosure of invalid memory (CVE-2020-10030, boo#1171553)
- fixes an issue in the DNS protocol has been found that allows malicious parties to use recursive DNS services to attack third party authoritative name servers (CVE-2020-10995, boo#1171553)
For details see https://doc.powerdns.com/recursor/changelog/4.1.html#change-4.1.16
- update to 4.1.16
- References
Affected packages
SUSE:Package Hub 12 SP1 / pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- purl:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2012%20SP1
SUSE:Package Hub 15 SP1 / pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- purl:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015%20SP1