Information on source package pdns

Available versions

ReleaseVersion
jessie3.4.1-4+deb8u8
jessie (security)3.4.1-4+deb8u7
stretch4.0.3-1+deb9u2
buster4.1.5-1
sid4.1.5-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-10851vulnerable (no DSA, ignored)vulnerablefixedfixedCrafted answer can cause a denial of service
CVE-2018-1046fixedvulnerable (no DSA)fixedfixedpdns before version 4.1.2 is vulnerable to a buffer overflow in ...

Resolved issues

BugDescription
CVE-2018-14626Packet cache pollution via crafted query
CVE-2017-15091An issue has been found in the API component of PowerDNS Authoritative ...
CVE-2016-7074An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and ...
CVE-2016-7073An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and ...
CVE-2016-7072An issue has been found in PowerDNS Authoritative Server before 3.4.11 ...
CVE-2016-7068An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and ...
CVE-2016-6172PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote ...
CVE-2016-5427PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not ...
CVE-2016-5426PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote ...
CVE-2016-2120An issue has been found in PowerDNS Authoritative Server versions up ...
CVE-2015-5470The label decompression functionality in PowerDNS Recursor before ...
CVE-2015-5311PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows ...
CVE-2015-5230
CVE-2015-1868The label decompression functionality in PowerDNS Recursor 3.5.x, ...
CVE-2014-7210pdns in Debian creates too privileged MySQL user
CVE-2012-0206common_startup.cc in PowerDNS (aka pdns) Authoritative Server before ...
CVE-2008-5277PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of ...
CVE-2008-3337PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, ...
CVE-2006-4252PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a ...
CVE-2006-4251Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow ...
CVE-2005-2302PowerDNS before 2.9.18, when allowing recursion to a restricted range ...
CVE-2005-2301PowerDNS before 2.9.18, when running with an LDAP backend, does not ...
CVE-2005-0428The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 ...
CVE-2005-0038The DNS implementation of PowerDNS 2.9.16 and earlier allows remote ...

Security announcements

DSA / DLADescription
DLA-798-1pdns - security update
DSA-3764-1pdns - security update
DLA-627-1pdns - security update
DSA-3664-1pdns - security update
DLA-492-1pdns - security update
DSA-3347-1pdns - security update
DSA-3306-1pdns - security update
DSA-2385-1pdns - packet loop
DSA-2385-1pdns - packet loop
DSA-1628-1pdns - DNS spoofing
DSA-1211pdns
DSA-771-1pdns - several

Search for package or bug name: Reporting problems