Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
87
security advisorydebianpdns-recursorDebian: pdns-recursor Critical Cache Pollution Threat DSA-6045-1
Two vulnerabiliites have been discovered in PDNS Recursor, a resolving name server: Delegation information was insufficiently validated, which could result in cache pollution. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6045-1
Oct 29, 2025
•Critical
Debian
202
security advisoryimportantaccess restrictionopenSUSE 15.2: 2020:1687-1 Important: Pdns-Recursor Access Fix
An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for pdns-recursor ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1687-1 Rating: important References: #1173302 #1177383 Cross-References: CVE-2020-14196 CVE-2020-25829 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for pdns-recursor fixes the following issues: -pdns-recursorwas updated to 4.1.1 and 4.3.5: - CVE-2020-25829: Fixed a cache pollution related to DNSSEC validation (boo#1177383) - CVE-2020-14196: Fixed an access restriction bypass with API key and password authentication (boo#1173302). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1687=1 - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-1687=1 - openSUSE Backports SLE-15-SP2: zypper in -t patch openSUSE-2020-1687=1 - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2020-1687=1 - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2020-1687=1 Package List: - openSUSE Leap 15.2 (x86_64): pdns-recursor-4.3.5-lp152.2.6.1 pdns-recursor-debuginfo-4.3.5-lp152.2.6.1 pdns-recursor-debugsource-4.3.5-lp152.2.6.1 - openSUSE Leap 15.1 (x86_64): pdns-recursor-4.1.12-lp151.3.9.1 pdns-recursor-debuginfo-4.1.12-lp151.3.9.1 pdns-recursor-debugsource-4.1.12-lp151.3.9.1 - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64): pdns-recursor-4.3.5-bp152.2.12.1 pdns-recursor-debuginfo-4.3.5-bp152.2.12.1 pdns-recursor-debugsource-4.3.5-bp152.2.12.1 - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): pdns-recursor-4.1.12-bp151.4.9.1 pdns-recursor-debuginfo-4.1.12-bp151.4.9.1 pdns-recursor-debugsource-4.1.12-bp151.4.9.1 - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64): pdns-recursor-4.1.18-25.1 References: https://www.suse.com/security/cve/CVE-2020-14196.html https://www.suse.com/security/cve/CVE-2020-25829.html https://bugzilla.suse.com/1173302 https://bugzilla.suse.com/1177383 -- . A crucial patch for pdns-recursor addresses vulnerabilities in access restrictions and cache integrity for openSUSE systems.. openSUSE Security Update,pdns-recursor patch,access restriction fix,cache pollution issue. . Severity: Important. LinuxSecurity.com Team
Oct 17, 2020
•Important
OpenSUSE
202
security advisorymoderatedenial of serviceopenSUSE: 2018:4175-1 Moderate: pdns Denial of Service Fix
An update that fixes two vulnerabilities is now available. Description: Description: This update for pdns fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer (bsc#1114157). - CVE-2018-14626: Fixed packet cache pollution via crafted query (bsc#1114169). This update was imported from the openSUSE:Leap:15.0:Update upda [More...]. openSUSE Security Update: Security update for pdns ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:4175-1 Rating: moderate References: #1114157 #1114169 Cross-References: CVE-2018-10851 CVE-2018-14626 Affected Products: openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for pdns fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer (bsc#1114157). - CVE-2018-14626: Fixed packet cache pollution via crafted query (bsc#1114169). This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2018-1571=1 Package List: - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): pdns-4.1.2-bp150.2.3.1 pdns-backend-geoip-4.1.2-bp150.2.3.1 pdns-backend-godbc-4.1.2-bp150.2.3.1 pdns-backend-ldap-4.1.2-bp150.2.3.1 pdns-backend-lua-4.1.2-bp150.2.3.1 pdns-backend-mydns-4.1.2-bp150.2.3.1 pdns-backend-mysql-4.1.2-bp150.2.3.1 pdns-backend-postgresql-4.1.2-bp150.2.3.1 pdns-backend-remote-4.1.2-bp150.2.3.1 pdns-backend-sqlite3-4.1.2-bp150.2.3.1 References: https://www.suse.com/security/cve/CVE-2018-10851.html https://www.suse.com/security/cve/CVE-2018-14626.html https://bugzilla.suse.com/1114157 https://bugzilla.suse.com/1114169 -- . This Fedora upgrade resolves significant vulnerabilities in apache to strengthen overall system security.. openSUSE Security, pdns Update, Denial of Service, Cache Pollution. . LinuxSecurity.com Team
Dec 18, 2018
OpenSUSE
89
security advisorysecurity issuesoftware updateFedora: 29 Advisory FEDORA-2018-85fc964de8 Critical: PowerDNS Memory Leak
- Update to 4.1.5 Release notes: /powerdns-authoritative-server-4-0-6-4-1-5-and-recursor-4-0-9-4-1-5-released/ PowerDNS Security Advisory 2018-03 (https://doc.powerdns.com/authoritative/index.html /security-advisories/powerdns-advisory-2018-03.html) (CVE-2018-10851) PowerDNS Security Advisory 2018-05 (-. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-85fc964de8 2018-11-16 04:48:33.983706 --------------------------------------------------------------------------------Name : pdns Product : Fedora 29 Version : 4.1.5 Release : 1.fc29 URL : https://www.powerdns.com/ Summary : A modern, advanced and high performance authoritative-only nameserver Description : The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database. --------------------------------------------------------------------------------Update Information: - Update to 4.1.5 Release notes: /powerdns-authoritative-server-4-0-6-4-1-5-and-recursor-4-0-9-4-1-5-released/ PowerDNS Security Advisory 2018-03 (https://doc.powerdns.com/authoritative/index.html /security-advisories/powerdns-advisory-2018-03.html) (CVE-2018-10851) PowerDNS Security Advisory 2018-05 () (CVE-2018-14626) --------------------------------------------------------------------------------ChangeLog: * Tue Nov 6 2018 Morten Stevens - 4.1.5-1 - Update to 4.1.5 - PowerDNS Security Advisory 2018-03 (CVE-2018-10851) - PowerDNS Security Advisory 2018-05 (CVE-2018-14626) --------------------------------------------------------------------------------References: [ 1 ] Bug #1649028 - CVE-2018-14626 pdns: Packet cache pollution via crafted query https://bugzilla.redhat.com/show_bug.cgi?id=1649028 [ 2 ] Bug #1588185 - CVE-2018-10851 pdns: Memory leak while parsing malformedrecords https://bugzilla.redhat.com/show_bug.cgi?id=1588185 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-85fc964de8' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 16, 2018
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!