Описание
Security update for pdns
This update for pdns fixes the following issues:
Security issues fixed:
- CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer (bsc#1114157).
- CVE-2018-14626: Fixed packet cache pollution via crafted query (bsc#1114169).
Список пакетов
openSUSE Leap 15.0
pdns-4.1.2-lp150.3.6.1
pdns-backend-geoip-4.1.2-lp150.3.6.1
pdns-backend-godbc-4.1.2-lp150.3.6.1
pdns-backend-ldap-4.1.2-lp150.3.6.1
pdns-backend-lua-4.1.2-lp150.3.6.1
pdns-backend-mydns-4.1.2-lp150.3.6.1
pdns-backend-mysql-4.1.2-lp150.3.6.1
pdns-backend-postgresql-4.1.2-lp150.3.6.1
pdns-backend-remote-4.1.2-lp150.3.6.1
pdns-backend-sqlite3-4.1.2-lp150.3.6.1
Ссылки
- E-Mail link for openSUSE-SU-2018:4156-1
- SUSE Security Ratings
Описание
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.
Затронутые продукты
openSUSE Leap 15.0:pdns-4.1.2-lp150.3.6.1
openSUSE Leap 15.0:pdns-backend-geoip-4.1.2-lp150.3.6.1
openSUSE Leap 15.0:pdns-backend-godbc-4.1.2-lp150.3.6.1
openSUSE Leap 15.0:pdns-backend-ldap-4.1.2-lp150.3.6.1
Ссылки
- CVE-2018-10851
- SUSE Bug 1114157
- SUSE Bug 1114169
- SUSE Bug 1114170
Описание
PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service.
Затронутые продукты
openSUSE Leap 15.0:pdns-4.1.2-lp150.3.6.1
openSUSE Leap 15.0:pdns-backend-geoip-4.1.2-lp150.3.6.1
openSUSE Leap 15.0:pdns-backend-godbc-4.1.2-lp150.3.6.1
openSUSE Leap 15.0:pdns-backend-ldap-4.1.2-lp150.3.6.1
Ссылки
- CVE-2018-14626
- SUSE Bug 1114157
- SUSE Bug 1114169
- SUSE Bug 1114170