[SECURITY] [DLA 1843-1] pdns security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : pdns
Version : 3.4.1-4+deb8u10
CVE ID : CVE-2019-10162 CVE-2019-10163
Two vulnerabilities have been discovered in pdns, an authoritative DNS
server which may result in denial of service via malformed zone records
and excessive NOTIFY packets in a master/slave setup.
CVE-2019-10162
An issue has been found in PowerDNS Authoritative Server allowing
an authorized user to cause the server to exit by inserting a
crafted record in a MASTER type zone under their control. The issue
is due to the fact that the Authoritative Server will exit when it
runs into a parsing error while looking up the NS/A/AAAA records it
is about to use for an outgoing notify.
CVE-2019-10163
An issue has been found in PowerDNS Authoritative Server allowing
a remote, authorized master server to cause a high CPU load or even
prevent any further updates to any slave zone by sending a large
number of NOTIFY messages. Note that only servers configured as
slaves are affected by this issue.
For Debian 8 "Jessie", these problems have been fixed in version
3.4.1-4+deb8u10.
We recommend that you upgrade your pdns packages.
For the detailed security status of pdns please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pdns
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- --
Jonas Meurer
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEELIzSg9Pv30M4kOeDUmLn/0kQSf4FAl0cq0AACgkQUmLn/0kQ
Sf6uzRAAn57AZxX15uMo8TazTd4gFkT4MdP8BOdUKx05DPFVNCMcQCNheQsFoW83
Ewcdg9truLiG+NebnBpDnbVgXrkCmNXJbai6zrXuyqq+2m4PqUz/QkBT2GqaFE4G
XPXcuh8En5xn7dTasBkJvTA9Tm5i9Omdmj+VsDHLA2JLsvjjhrHvkuYFpZiA62J1
a3Tvf5jBO2+dmnR17Kf6AF++mitTa+BqPKWt4KSoFMGdb/I+K+XRZPr/N2Dvi9ld
Ankkjm7GwdcnXu2L5neU75EI0xAWEe5SGdRAAKAveAQ8qbDpGy/UtS42+t09ao69
C97PuB0P+0lH612u0NKybH20Mbtp9cY2lh+h8l3pteVO4I8SgUmr+Qgnj62e12Rw
IoUCY7JBxII8rnSKlQ7SR2EJS23CHEk4brijaOl+o+ACqKLD3fmgdmTlO84zKXQv
/pHJESvbpK/prZAy/GVVfpWDgx5IEq1lhUDZkHZBZ+qZjH2LXsLn59uxL7to8Gkl
KD0TJxdrYFLVeu+CgvO2fNySr9VaAih9LV8EvS86y9m7fZZKTv5ivT0CVRDfv4re
6DyWMdn0nhmAYHBFxiAFL5qsO4pjte8YjR07SfKCTDwGboILMJA1QXFCszdJNCxr
BXRXQ9NA5nsw2K+gq2rIn38iiq70JlO6OL0wGq190ALPkr41k4o=
=0wei
-----END PGP SIGNATURE-----
Reply to: