Information on source package pdns-recursor

Available versions

ReleaseVersion
jessie3.6.2-2+deb8u4
buster4.1.11-1+deb10u2
bullseye4.4.2-3
bookworm4.8.8-1
trixie5.0.9-1
sid5.0.9-1

Open issues

BugjessiebusterbullseyebookwormtrixiesidDescription
CVE-2024-25590vulnerablevulnerablevulnerablevulnerablefixedfixedAn attacker can publish a zone containing specific Resource Record Set ...
CVE-2024-25583vulnerablefixedfixedfixedfixedfixedA crafted response from an upstream server the recursor has been confi ...
CVE-2023-50868vulnerablevulnerablevulnerablefixedfixedfixedThe Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 whe ...
CVE-2023-50387vulnerablevulnerablevulnerablefixedfixedfixedCertain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6 ...
CVE-2023-26437vulnerablevulnerable (no DSA)vulnerablefixedfixedfixedDenial of service vulnerability in PowerDNS Recursor allows authoritat ...
CVE-2023-22617vulnerablefixedfixedfixedfixedfixedA remote attacker might be able to cause infinite recursion in PowerDN ...
CVE-2022-37428vulnerablevulnerable (no DSA)vulnerablefixedfixedfixedPowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when pro ...
CVE-2022-27227vulnerablevulnerable (no DSA)vulnerablefixedfixedfixedIn PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and ...
CVE-2020-25829vulnerablefixedfixedfixedfixedfixedAn issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x befo ...
CVE-2020-14196vulnerablefixedfixedfixedfixedfixedIn PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1 ...
CVE-2018-14644vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedAn issue has been found in PowerDNS Recursor from 4.0.0 up to and incl ...
CVE-2018-10851vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedPowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4. ...

Open unimportant issues

BugjessiebusterbullseyebookwormtrixiesidDescription
CVE-2020-10030vulnerablevulnerablefixedfixedfixedfixedAn issue has been found in PowerDNS Recursor 4.1.0 up to and including ...

Resolved issues

BugDescription
CVE-2020-12244An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where ...
CVE-2020-10995PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not suffic ...
CVE-2019-3807An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1 ...
CVE-2019-3806An issue has been found in PowerDNS Recursor versions after 4.1.3 befo ...
CVE-2018-1000003Improper input validation bugs in DNSSEC validators components in Powe ...
CVE-2018-16855An issue has been found in PowerDNS Recursor before version 4.1.8 wher ...
CVE-2018-14626PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS ...
CVE-2017-15120An issue has been found in the parsing of authoritative answers in Pow ...
CVE-2017-15094An issue has been found in the DNSSEC parsing code of PowerDNS Recurso ...
CVE-2017-15093When api-config-dir is set to a non-empty value, which is not the case ...
CVE-2017-15092A cross-site scripting issue has been found in the web interface of Po ...
CVE-2017-15090An issue has been found in the DNSSEC validation component of PowerDNS ...
CVE-2016-7074An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and Power ...
CVE-2016-7073An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and Power ...
CVE-2016-7068An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and Power ...
CVE-2015-5470The label decompression functionality in PowerDNS Recursor before 3.6. ...
CVE-2015-5311PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows rem ...
CVE-2015-1868The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6. ...
CVE-2014-8601PowerDNS Recursor before 3.6.2 does not limit delegation chaining, whi ...
CVE-2014-3614Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6 ...
CVE-2009-4010Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows r ...
CVE-2009-4009Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote atta ...
CVE-2008-3217PowerDNS Recursor before 3.1.6 does not always use the strongest rando ...
CVE-2008-1637PowerDNS Recursor before 3.1.5 uses insufficient randomness to calcula ...
CVE-2006-4252PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a ...
CVE-2006-4251Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow rem ...
CVE-2006-2069The recursor in PowerDNS before 3.0.1 allows remote attackers to cause ...

Security announcements

DSA / DLADescription
DLA-3855-1pdns-recursor - security update
DSA-5674-1pdns-recursor - security update
DSA-5626-2pdns-recursor - regression update
DSA-5626-1pdns-recursor - security update
DSA-4691-1pdns-recursor - security update
DSA-4063-1pdns-recursor - security update
DLA-788-1pdns-recursor - security update
DSA-3763-1pdns-recursor - security update
DSA-3307-1pdns-recursor - security update
DSA-3096-1pdns-recursor - security update
DLA-104-1pdns-recursor - security update
DSA-1968-2pdns-recursor - cache poisoning
DSA-1968-1pdns-recursor - potential code execution
DSA-1544-2pdns-recursor - predictable randomness
DSA-1544-1pdns-recursor - cache poisoning vulnerability

Search for package or bug name: Reporting problems