Описание
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| pdns-recursor | fixed | 4.6.1-1 | package | |
| pdns-recursor | end-of-life | bullseye | package | |
| pdns-recursor | no-dsa | buster | package | |
| pdns-recursor | no-dsa | stretch | package | |
| pdns | fixed | 4.6.1-1 | package | |
| pdns | no-dsa | bullseye | package | |
| pdns | no-dsa | buster | package | |
| pdns | no-dsa | stretch | package |
Примечания
https://github.com/PowerDNS/pdns/commit/ff27c8c8e17bd8093e4668d88865b8eb71039b45 (rec-4.4.8)
https://www.openwall.com/lists/oss-security/2022/03/25/1
https://github.com/PowerDNS/pdns/commit/57312d230d5c01d9aca58cb29ce87e23ccbbefd2 (auth-4.4.3)
EPSS
Связанные уязвимости
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
EPSS