An issue has been found in PowerDNS Authoritative Server allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Server will exit when it runs into a parsing error while looking up the NS/A/AAAA records it is about to use for an outgoing notify. This issue has been assigned CVE-2019-10162. PowerDNS Authoritative up to and including 4.1.9 is affected An issue has been found in PowerDNS Authoritative Server allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue. This issue has been assigned CVE-2019-10163. PowerDNS Authoritative up to and including 4.1.8 is affected.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=932738cf75ee857cf9a1a654e6ea1356b4cc1d4b commit 932738cf75ee857cf9a1a654e6ea1356b4cc1d4b Author: Sven Wegener <swegener@gentoo.org> AuthorDate: 2019-06-21 11:17:56 +0000 Commit: Sven Wegener <swegener@gentoo.org> CommitDate: 2019-06-21 11:20:40 +0000 net-dns/pdns: Version bump, security bug #688428 Bug: https://bugs.gentoo.org/688428 Package-Manager: Portage-2.3.66, Repoman-2.3.11 Signed-off-by: Sven Wegener <swegener@gentoo.org> net-dns/pdns/Manifest | 1 + net-dns/pdns/pdns-4.1.10.ebuild | 157 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 158 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1ba1f188feffe445e48376aa5c1f8cf6304b15c5 commit 1ba1f188feffe445e48376aa5c1f8cf6304b15c5 Author: Sven Wegener <swegener@gentoo.org> AuthorDate: 2019-06-22 18:30:44 +0000 Commit: Sven Wegener <swegener@gentoo.org> CommitDate: 2019-06-22 18:32:39 +0000 net-dns/pdns: Stable on amd64/x86, security bug #688428 Bug: https://bugs.gentoo.org/688428 Package-Manager: Portage-2.3.66, Repoman-2.3.11 Signed-off-by: Sven Wegener <swegener@gentoo.org> net-dns/pdns/pdns-4.1.10.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=87c8b81c6cab52a60c4cbc7c0e24bdb1ee54dacc commit 87c8b81c6cab52a60c4cbc7c0e24bdb1ee54dacc Author: Sven Wegener <swegener@gentoo.org> AuthorDate: 2019-06-25 05:51:39 +0000 Commit: Sven Wegener <swegener@gentoo.org> CommitDate: 2019-06-25 05:52:08 +0000 net-dns/pdns: Cleanup Bug: https://bugs.gentoo.org/688428 Package-Manager: Portage-2.3.66, Repoman-2.3.11 Signed-off-by: Sven Wegener <swegener@gentoo.org> net-dns/pdns/Manifest | 2 - net-dns/pdns/pdns-4.1.8.ebuild | 157 ----------------------------------------- net-dns/pdns/pdns-4.1.9.ebuild | 157 ----------------------------------------- 3 files changed, 316 deletions(-)