openSUSE-SU-2024:0114-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2024:0114-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2024:0114-1
Related
Published
2024-04-29T06:38:41Z
Modified
2024-04-29T06:38:41Z
Summary
Security update for pdns-recursor
Details

This update for pdns-recursor fixes the following issues:

  • update to 4.8.8:

    • fixes a case when a crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured (boo#1223262, CVE-2024-25583)

  • changes in 4.8.7:

    • If serving stale, wipe CNAME records from cache when we get a NODATA negative response for them
    • Fix the zoneToCache regression introduced by last security update
References

Affected packages

SUSE:Package Hub 15 SP5 / pdns-recursor

Package

Name
pdns-recursor
Purl
pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.8.8-bp155.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "pdns-recursor": "4.8.8-bp155.2.6.1"
        }
    ]
}

openSUSE:Leap 15.5 / pdns-recursor

Package

Name
pdns-recursor
Purl
pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.8.8-bp155.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "pdns-recursor": "4.8.8-bp155.2.6.1"
        }
    ]
}