Information on source package pdns-recursor

Available versions

ReleaseVersion
wheezy3.3-3+deb7u1
wheezy (security)3.3-3+deb7u2
jessie3.6.2-2+deb8u4
jessie (security)3.6.2-2+deb8u3
stretch4.0.4-1+deb9u2
stretch (security)4.0.4-1+deb9u3
buster4.0.6-1
sid4.1.0-4

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-15120fixedfixedfixedvulnerablefixedCrafted CNAME answer can cause a denial of service
CVE-2017-15094fixedfixedfixedvulnerablefixedMemory leak in DNSSEC parsing
CVE-2017-15093fixedfixedfixedvulnerablefixedConfiguration file injection in the API
CVE-2017-15092fixedfixedfixedvulnerablefixedCross-Site Scripting in the web interface
CVE-2017-15090fixedfixedfixedvulnerablefixedInsufficient validation of DNSSEC signatures

Resolved issues

BugDescription
CVE-2016-7074
CVE-2016-7073
CVE-2016-7068
CVE-2015-5470The label decompression functionality in PowerDNS Recursor before ...
CVE-2015-5311PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows ...
CVE-2015-1868The label decompression functionality in PowerDNS Recursor 3.5.x, ...
CVE-2014-8601PowerDNS Recursor before 3.6.2 does not limit delegation chaining, ...
CVE-2014-3614Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) ...
CVE-2009-4010Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows ...
CVE-2009-4009Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote ...
CVE-2008-3217PowerDNS Recursor before 3.1.6 does not always use the strongest ...
CVE-2008-1637PowerDNS Recursor before 3.1.5 uses insufficient randomness to ...
CVE-2006-4252PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a ...
CVE-2006-4251Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow ...
CVE-2006-2069The recursor in PowerDNS before 3.0.1 allows remote attackers to cause ...

Security announcements

DSA / DLADescription
DSA-4063-1pdns-recursor - security update
DLA-788-1pdns-recursor - security update
DSA-3763-1pdns-recursor - security update
DSA-3307-1pdns-recursor - security update
DSA-3096-1pdns-recursor - security update
DLA-104-1pdns-recursor - security update
DSA-1968-2pdns-recursor - cache poisoning
DSA-1968-1pdns-recursor - potential code execution
DSA-1544-2pdns-recursor - predictable randomness
DSA-1544-1pdns-recursor - cache poisoning vulnerability

Search for package or bug name: Reporting problems