From $URL: PowerDNS Security Advisory 2021-01: Specific query crashes Authoritative Server CVE: CVE-2021-36754 Date: July 26th, 2021 Affects: PowerDNS Authoritative version 4.5.0 Not affected: 4.4.x and below, 4.5.1 Severity: High Impact: Denial of service Exploit: This problem can be triggered via a specific query packet Risk of system compromise: None Solution: Upgrade to 4.5.1, or filter queries in dnsdist PowerDNS Authoritative Server 4.5.0 (and the alpha/beta/rc1/rc2 prereleases that came before it) will crash with an uncaught out of bounds exception if it receives a query with QTYPE 65535. The offending code was not present in earlier versions, and they are not affected. Users that cannot upgrade immediately, but do have dnsdist in place, can use dnsdist to filter such queries before they do harm, with something like addAction(QTypeRule(65535), RCodeAction(DNSRCode.REFUSED)). When the PowerDNS Authoritative Server is run inside a supervisor like supervisord or systemd, an uncaught exception crash will lead to an automatic restart, limiting the impact to a somewhat degraded service.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=57a134af1b2a461f3233b7eb450b8ebddfdd7a46 commit 57a134af1b2a461f3233b7eb450b8ebddfdd7a46 Author: Sven Wegener <swegener@gentoo.org> AuthorDate: 2021-07-27 05:19:40 +0000 Commit: Sven Wegener <swegener@gentoo.org> CommitDate: 2021-07-27 05:23:41 +0000 net-dns/pdns: Version bump, security bug #804585 Bug: https://bugs.gentoo.org/804585 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Sven Wegener <swegener@gentoo.org> net-dns/pdns/Manifest | 2 +- net-dns/pdns/{pdns-4.5.0.ebuild => pdns-4.5.1.ebuild} | 0 2 files changed, 1 insertion(+), 1 deletion(-)
Vulnerable versions were never stabilized: 4.5.0 release candidates had no keywords, 4.5.0 final was only ~amd64.
Package list is empty or all packages have requested keywords.
Given this only ever affected unstable packages we can go ahead and noglsa it. All done, thanks!