Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 23 articles for you...
89
security advisorydenial of servicefedoraFedora 43 pdns 5.0.4 Security Advisory Denial of Service CVE-2026-33610
Update to 5.0.4 Release notes: https://doc.powerdns.com/authoritative/changelog/5.0.html#change-5.0.4 Security advisory: https://docs.powerdns.com/authoritative/security- advisories/powerdns-advisory-2026-05.html. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b47d3e7e16 2026-05-06 16:45:18.195674+00:00 -------------------------------------------------------------------------------- Name : pdns Product : Fedora 43 Version : 5.0.4 Release : 1.fc43 URL : http://powerdns.com Summary : A modern, advanced and high performance authoritative-only name server Description : The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only name server. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database. -------------------------------------------------------------------------------- Update Information: Update to 5.0.4 Release notes: https://doc.powerdns.com/authoritative/changelog/5.0.html#change-5.0.4 Security advisory: https://docs.powerdns.com/authoritative/security- advisories/powerdns-advisory-2026-05.html -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 26 2026 Morten Stevens - 5.0.4-1 - Update to 5.0.4 * Fri Jan 16 2026 Fedora Release Engineering - 5.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Mon Jan 12 2026 Jonathan Wakely - 5.0.2-2 - Rebuilt for Boost 1.90 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2461770 - CVE-2026-33610 pdns: PowerDNS: Denial of Service due to file descriptor exhaustion from rogue primary server DNS update requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461770 [ 2 ] Bug #2461772 - CVE-2026-33611 pdns: PowerDNS: Database corruption due to invalid record data[fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461772 [ 3 ] Bug #2461775 - CVE-2026-33609 pdns: PowerDNS: Information disclosure via incomplete LDAP query escaping [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2461775 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b47d3e7e16' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 06, 2026
•Critical
Fedora
100
security advisorymoderatesecurity updateSUSE Security Update: 2020:2785-1 Addresses Moderate pdns Memory Leak
An update that fixes one vulnerability, contains one feature is now available. . SUSE Security Update: Security update for pdns ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2785-1 Rating: moderate References: #1176535 SOC-11392 Cross-References: CVE-2020-17482 Affected Products: SUSE OpenStack Cloud 9 ______________________________________________________________________________ An update that fixes one vulnerability, contains one feature is now available. Description: This update for pdns fixes the following issues: - CVE-2020-17482: Fixed an issue where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory (bsc#1176535). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2020-2785=1 Package List: - SUSE OpenStack Cloud 9 (x86_64): pdns-4.1.8-3.6.1 pdns-backend-mysql-4.1.8-3.6.1 pdns-backend-mysql-debuginfo-4.1.8-3.6.1 pdns-debuginfo-4.1.8-3.6.1 pdns-debugsource-4.1.8-3.6.1 References: https://www.suse.com/security/cve/CVE-2020-17482.html https://bugzilla.suse.com/1176535 _______________________________________________ sle-security-updates mailing list
Sep 29, 2020
SuSE
202
security advisorymoderateupdateopenSUSE 12: openSUSE-SU-2020:1556-1 Moderate: pdns Memory Leak
An update that solves one vulnerability and has two fixes is now available.. openSUSE Security Update: Security update for pdns ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1556-1 Rating: moderate References: #1156196 #1176312 #1176535 Cross-References: CVE-2020-17482 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for pdns fixes the following issues: - Build with libmaxminddb instead of the obsolete GeoIP (boo#1156196) - CVE-2020-17482: Fixed an error that can result in leaking of uninitialised memory through crafted zone records (boo#1176535) - Backported compilation fix vs. latest Boost 1.74 (boo#1176312) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2020-1556=1 Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64): pdns-4.1.14-23.1 pdns-backend-godbc-4.1.14-23.1 pdns-backend-godbc-debuginfo-4.1.14-23.1 pdns-backend-ldap-4.1.14-23.1 pdns-backend-ldap-debuginfo-4.1.14-23.1 pdns-backend-lua-4.1.14-23.1 pdns-backend-lua-debuginfo-4.1.14-23.1 pdns-backend-mydns-4.1.14-23.1 pdns-backend-mydns-debuginfo-4.1.14-23.1 pdns-backend-mysql-4.1.14-23.1 pdns-backend-mysql-debuginfo-4.1.14-23.1 pdns-backend-postgresql-4.1.14-23.1 pdns-backend-postgresql-debuginfo-4.1.14-23.1 pdns-backend-remote-4.1.14-23.1 pdns-backend-remote-debuginfo-4.1.14-23.1 pdns-backend-sqlite3-4.1.14-23.1 pdns-backend-sqlite3-debuginfo-4.1.14-23.1 pdns-debuginfo-4.1.14-23.1 pdns-debugsource-4.1.14-23.1 References: https://www.suse.com/security/cve/CVE-2020-17482.html https://bugzilla.suse.com/1156196 https://bugzilla.suse.com/1176312 https://bugzilla.suse.com/1176535 -- . This Fedora advisory discusses a libcurl security update that resolves an SSL vulnerability and provides guidance for installation.. openSUSE Security Update, pdns Memory Leak Fix, SUSE Package Hub Update. . LinuxSecurity.com Team
Sep 28, 2020
OpenSUSE
100
security advisorysecurity updatemoderate severitySUSE OpenStack Cloud: 2020:2718-1 Moderate: pdns Memory Leak Fix
An update that fixes one vulnerability, contains one feature is now available. . SUSE Security Update: Security update for pdns ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2718-1 Rating: moderate References: #1176535 SOC-11392 Cross-References: CVE-2020-17482 Affected Products: SUSE OpenStack Cloud 8 HPE Helion Openstack 8 ______________________________________________________________________________ An update that fixes one vulnerability, contains one feature is now available. Description: This update for pdns fixes the following issues: - CVE-2020-17482: Fixed an issue where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory (bsc#1176535) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2020-2718=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2020-2718=1 Package List: - SUSE OpenStack Cloud 8 (x86_64): pdns-4.1.2-3.9.1 pdns-backend-mysql-4.1.2-3.9.1 pdns-backend-mysql-debuginfo-4.1.2-3.9.1 pdns-debuginfo-4.1.2-3.9.1 pdns-debugsource-4.1.2-3.9.1 - HPE Helion Openstack 8 (x86_64): pdns-4.1.2-3.9.1 pdns-backend-mysql-4.1.2-3.9.1 pdns-backend-mysql-debuginfo-4.1.2-3.9.1 pdns-debuginfo-4.1.2-3.9.1 pdns-debugsource-4.1.2-3.9.1 References: https://www.suse.com/security/cve/CVE-2020-17482.html https://bugzilla.suse.com/1176535 _______________________________________________ sle-security-updates mailing list
Sep 23, 2020
SuSE
202
security advisorydenial of servicesoftware updateopenSUSE: 2019:1921-1 Important: Three Denial Of Service Issues in pdns
An update that fixes three vulnerabilities is now available.. openSUSE Security Update: Security update for pdns ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1921-1 Rating: important References: #1138582 #1142810 Cross-References: CVE-2019-10162 CVE-2019-10163 CVE-2019-10203 Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for pdns fixes the following issues: Security issues fixed: - CVE-2019-10203: Updated PostgreSQL schema to address a possible denial of service by an authorized user by inserting a crafted record in a MASTER type zone under their control. (boo#1142810) - CVE-2019-10162: Fixed a denial of service but when authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. (boo#1138582) - CVE-2019-10163: Fixed a denial of service of slave server when an authorized master server sends large number of NOTIFY messages. (boo#1138582) Non-security issues fixed: - Enabled the option to disable superslave support. - Fixed `pdnsutil b2b-migrate` to not lose NSEC3 settings. This update was imported from the openSUSE:Leap:15.1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2019-1921=1 Package List: - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): pdns-4.1.8-bp151.3.3.1 pdns-backend-geoip-4.1.8-bp151.3.3.1 pdns-backend-godbc-4.1.8-bp151.3.3.1 pdns-backend-ldap-4.1.8-bp151.3.3.1 pdns-backend-lua-4.1.8-bp151.3.3.1 pdns-backend-mydns-4.1.8-bp151.3.3.1 pdns-backend-mysql-4.1.8-bp151.3.3.1 pdns-backend-postgresql-4.1.8-bp151.3.3.1 pdns-backend-remote-4.1.8-bp151.3.3.1 pdns-backend-sqlite3-4.1.8-bp151.3.3.1 References: https://www.suse.com/security/cve/CVE-2019-10162.html https://www.suse.com/security/cve/CVE-2019-10163.html https://www.suse.com/security/cve/CVE-2019-10203.html https://bugzilla.suse.com/1138582 https://bugzilla.suse.com/1142810 -- . A critical update for openSUSE has been released, targeting several security flaws in pdns to improve overall system protection.. openSUSE Update, pdns Security Patch, Important Security Fixes, Denial of Service Issues, Software Update. . Severity: Important. LinuxSecurity.com Team
Aug 15, 2019
•Important
OpenSUSE
202
security advisorydenial of serviceupdateopenSUSE: 2019:1904-1 Important: pdns Denial Of Service Addressed
An update that fixes three vulnerabilities is now available.. openSUSE Security Update: Security update for pdns ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1904-1 Rating: important References: #1138582 #1142810 Cross-References: CVE-2019-10162 CVE-2019-10163 CVE-2019-10203 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for pdns fixes the following issues: Security issues fixed: - CVE-2019-10203: Updated PostgreSQL schema to address a possible denial of service by an authorized user by inserting a crafted record in a MASTER type zone under their control. (boo#1142810) - CVE-2019-10162: Fixed a denial of service but when authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. (boo#1138582) - CVE-2019-10163: Fixed a denial of service of slave server when an authorized master server sends large number of NOTIFY messages. (boo#1138582) Non-security issues fixed: - Enabled the option to disable superslave support. - Fixed `pdnsutil b2b-migrate` to not lose NSEC3 settings. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-1904=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1904=1 - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-1904=1 Package List: - openSUSE Leap 15.1 (x86_64): pdns-4.1.8-lp151.2.3.1 pdns-backend-geoip-4.1.8-lp151.2.3.1 pdns-backend-geoip-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-godbc-4.1.8-lp151.2.3.1 pdns-backend-godbc-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-ldap-4.1.8-lp151.2.3.1 pdns-backend-ldap-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-lua-4.1.8-lp151.2.3.1 pdns-backend-lua-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-mydns-4.1.8-lp151.2.3.1 pdns-backend-mydns-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-mysql-4.1.8-lp151.2.3.1 pdns-backend-mysql-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-postgresql-4.1.8-lp151.2.3.1 pdns-backend-postgresql-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-remote-4.1.8-lp151.2.3.1 pdns-backend-remote-debuginfo-4.1.8-lp151.2.3.1 pdns-backend-sqlite3-4.1.8-lp151.2.3.1 pdns-backend-sqlite3-debuginfo-4.1.8-lp151.2.3.1 pdns-debuginfo-4.1.8-lp151.2.3.1 pdns-debugsource-4.1.8-lp151.2.3.1 - openSUSE Leap 15.0 (x86_64): pdns-4.1.2-lp150.3.13.1 pdns-backend-geoip-4.1.2-lp150.3.13.1 pdns-backend-geoip-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-godbc-4.1.2-lp150.3.13.1 pdns-backend-godbc-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-ldap-4.1.2-lp150.3.13.1 pdns-backend-ldap-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-lua-4.1.2-lp150.3.13.1 pdns-backend-lua-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-mydns-4.1.2-lp150.3.13.1 pdns-backend-mydns-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-mysql-4.1.2-lp150.3.13.1 pdns-backend-mysql-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-postgresql-4.1.2-lp150.3.13.1 pdns-backend-postgresql-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-remote-4.1.2-lp150.3.13.1 pdns-backend-remote-debuginfo-4.1.2-lp150.3.13.1 pdns-backend-sqlite3-4.1.2-lp150.3.13.1 pdns-backend-sqlite3-debuginfo-4.1.2-lp150.3.13.1 pdns-debuginfo-4.1.2-lp150.3.13.1 pdns-debugsource-4.1.2-lp150.3.13.1 - openSUSE Backports SLE-15 (aarch64 ppc64le s390xx86_64): pdns-4.1.2-bp150.2.9.1 pdns-backend-geoip-4.1.2-bp150.2.9.1 pdns-backend-geoip-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-godbc-4.1.2-bp150.2.9.1 pdns-backend-godbc-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-ldap-4.1.2-bp150.2.9.1 pdns-backend-ldap-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-lua-4.1.2-bp150.2.9.1 pdns-backend-lua-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-mydns-4.1.2-bp150.2.9.1 pdns-backend-mydns-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-mysql-4.1.2-bp150.2.9.1 pdns-backend-mysql-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-postgresql-4.1.2-bp150.2.9.1 pdns-backend-postgresql-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-remote-4.1.2-bp150.2.9.1 pdns-backend-remote-debuginfo-4.1.2-bp150.2.9.1 pdns-backend-sqlite3-4.1.2-bp150.2.9.1 pdns-backend-sqlite3-debuginfo-4.1.2-bp150.2.9.1 pdns-debuginfo-4.1.2-bp150.2.9.1 pdns-debugsource-4.1.2-bp150.2.9.1 References: https://www.suse.com/security/cve/CVE-2019-10162.html https://www.suse.com/security/cve/CVE-2019-10163.html https://www.suse.com/security/cve/CVE-2019-10203.html https://bugzilla.suse.com/1138582 https://bugzilla.suse.com/1142810 -- . Significant openSUSE upgrade for pdns addresses various denial of service vulnerabilities, offering improved protection features.. openSUSE security update, pdns security patch, denial of service threat, important pdns vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Aug 15, 2019
•Important
OpenSUSE
197
security advisorydenial of servicedebianDebian 8: DLA-1843-1 Moderate: Pdns Denial Of Service Risk
Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup. . Package : pdns Version : 3.4.1-4+deb8u10 CVE ID : CVE-2019-10162 CVE-2019-10163 Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup. CVE-2019-10162 An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify. CVE-2019-10163 An issue has been found in PowerDNS Authoritative Server allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. For Debian 8 "Jessie", these problems have been fixed in version 3.4.1-4+deb8u10. We recommend that you upgrade your pdns packages. For the detailed security status of pdns please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/pdns Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -- Jonas Meurer . Identify two pdns weaknesses leading to service disruptions due to improperly structured records and excessive notification traffic. Recommended to update.. pdns Security Update, Debian LTS, Denial Of Service, Malformed Records. . LinuxSecurity.com Team
Jul 03, 2019
Debian LTS
89
security advisorysecurity issuefedoraFedora 29: FEDORA-2019-08b1477c9d Critical PowerDNS Update
- Update to 4.1.10 Release notes: https://doc.powerdns.com/authoritative/changelog/4.1.html#change-4.1.10 Security Advisory: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-04.html . -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-08b1477c9d 2019-06-30 02:26:21.869090 -------------------------------------------------------------------------------- Name : pdns Product : Fedora 29 Version : 4.1.10 Release : 1.fc29 URL : https://www.powerdns.com/ Summary : A modern, advanced and high performance authoritative-only nameserver Description : The PowerDNS Nameserver is a modern, advanced and high performance authoritative-only nameserver. It is written from scratch and conforms to all relevant DNS standards documents. Furthermore, PowerDNS interfaces with almost any database. -------------------------------------------------------------------------------- Update Information: - Update to 4.1.10 Release notes: https://doc.powerdns.com/authoritative/changelog/4.1.html#change-4.1.10 Security Advisory: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-04.html https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 21 2019 Morten Stevens - 4.1.10-1 - Update to 4.1.10 - PowerDNS Security Advisory 2019-04 (CVE-2019-10162) - PowerDNS Security Advisory 2019-05 (CVE-2019-10163) * Wed Mar 27 2019 Morten Stevens - 4.1.8-1 - Update to 4.1.8 * Tue Mar 19 2019 Morten Stevens - 4.1.7-1 - Update to 4.1.7 - PowerDNS Security Advisory 2019-03 (CVE-2019-3871) * Sun Feb 3 2019 Morten Stevens - 4.1.6-1 - Update to 4.1.6 * Fri Feb 1 2019 Fedora Release Engineering - 4.1.5-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Wed Jan 30 2019 Jonathan Wakely -4.1.5-3 - Rebuilt for Boost 1.69 * Wed Nov 21 2018 Igor Gnatenko - 4.1.5-2 - Rebuild for protobuf 3.6 * Tue Nov 6 2018 Morten Stevens - 4.1.5-1 - Update to 4.1.5 - PowerDNS Security Advisory 2018-03 (CVE-2018-10851) - PowerDNS Security Advisory 2018-05 (CVE-2018-14626) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-08b1477c9d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 29, 2019
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!