Debian Security Advisory
DSA-4063-1 pdns-recursor -- security update
- Date Reported:
- 11 Dec 2017
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-15120.
- More information:
Toshifumi Sakaguchi discovered that PowerDNS Recursor, a high-performance resolving name server was susceptible to denial of service via a crafted CNAME answer.
The oldstable distribution (jessie) is not affected.
For the stable distribution (stretch), this problem has been fixed in version 4.0.4-1+deb9u3.
We recommend that you upgrade your pdns-recursor packages.
For the detailed security status of pdns-recursor please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pdns-recursor