openSUSE-SU-2020:1005-1

Опубликовано: 19 июл. 2020

Источник: suse-cvrf

Описание

Security update for pdns-recursor

This update for pdns-recursor fixes the following issues:

CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication (boo#1173302).

Список пакетов

SUSE Package Hub 12 SP1

pdns-recursor-4.1.12-bp151.4.6.1

SUSE Package Hub 15 SP1

pdns-recursor-4.1.12-bp151.4.6.1

openSUSE Leap 15.1

pdns-recursor-4.1.12-bp151.4.6.1

openSUSE Leap 15.2

pdns-recursor-4.1.12-bp151.4.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/63LHH65EV2VZ34BGUEZDMM2QWPLAF75Y/
E-Mail link for openSUSE-SU-2020:1005-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1173302
SUSE Bug 1173302
https://www.suse.com/security/cve/CVE-2020-14196/
SUSE CVE CVE-2020-14196 page

Описание

In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.

Затронутые продукты

SUSE Package Hub 12 SP1:pdns-recursor-4.1.12-bp151.4.6.1

SUSE Package Hub 15 SP1:pdns-recursor-4.1.12-bp151.4.6.1

openSUSE Leap 15.1:pdns-recursor-4.1.12-bp151.4.6.1

openSUSE Leap 15.2:pdns-recursor-4.1.12-bp151.4.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-14196.html
CVE-2020-14196
https://bugzilla.suse.com/1173302
SUSE Bug 1173302

openSUSE-SU-2020:1005-1

Описание

Список пакетов

SUSE Package Hub 12 SP1

SUSE Package Hub 15 SP1

openSUSE Leap 15.1

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-14196

Описание

Затронутые продукты

Ссылки