openSUSE-SU-2019:0100-1

Опубликовано: 23 мар. 2019

Источник: suse-cvrf

Описание

Security update for pdns-recursor

This update for pdns-recursor fixes the following issues:

CVE-2019-3807: Fixed insufficient validation of DNSSEC signatures (boo#1121889)

Список пакетов

openSUSE Leap 15.0

pdns-recursor-4.1.2-lp150.2.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7DZ33GPMM4JD3FOFUQLHTR6HCPLZ34FY/#7DZ33GPMM4JD3FOFUQLHTR6HCPLZ34FY
E-Mail link for openSUSE-SU-2019:0100-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1121889
SUSE Bug 1121889
https://www.suse.com/security/cve/CVE-2019-3807/
SUSE CVE CVE-2019-3807 page

Описание

An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.

Затронутые продукты

openSUSE Leap 15.0:pdns-recursor-4.1.2-lp150.2.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-3807.html
CVE-2019-3807
https://bugzilla.suse.com/1121889
SUSE Bug 1121889

openSUSE-SU-2019:0100-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2019-3807

Описание

Затронутые продукты

Ссылки