Описание
Security update for pdns-recursor
This update for pdns-recursor fixes the following issues:
Security issues fixed:
- CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer (bsc#1114157).
- CVE-2018-14644: Fixed denial of service via crafted query for meta-types (bsc#1114170).
- CVE-2018-14626: Fixed packet cache pollution via crafted query (bsc#1114169).
Список пакетов
openSUSE Leap 42.3
Ссылки
- E-Mail link for openSUSE-SU-2018:4151-1
- SUSE Security Ratings
Описание
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.
Затронутые продукты
Ссылки
- CVE-2018-10851
- SUSE Bug 1114157
- SUSE Bug 1114169
- SUSE Bug 1114170
Описание
PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service.
Затронутые продукты
Ссылки
- CVE-2018-14626
- SUSE Bug 1114157
- SUSE Bug 1114169
- SUSE Bug 1114170
Описание
An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers for that parent zone answer with FORMERR to a query for at least one of the meta-types. As a result, subsequent queries from clients requesting DNSSEC validation will be answered with a ServFail.
Затронутые продукты
Ссылки
- CVE-2018-14644
- SUSE Bug 1114157
- SUSE Bug 1114169
- SUSE Bug 1114170