openSUSE-SU-2023:0101-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0101-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2023:0101-1
Related
Published
2023-05-02T07:36:56Z
Modified
2023-05-02T07:36:56Z
Summary
Security update for pdns-recursor
Details

This update for pdns-recursor fixes the following issues:

pdns-recursor was updated to 4.6.6:

  • fixes deterred spoofing attempts can lead to authoritative servers being marked unavailable (boo#1209897, CVE-2023-26437)

Fixes in 4.6.5:

  • When an expired NSEC3 entry is seen, move it to the front of the expiry queue
  • Log invalid RPZ content when obtained via IXFR
  • Detect invalid bytes in makeBytesFromHex()
  • Timeout handling for IXFRs as a client

Fixes in 4.6.4:

  • Check qperq limit if throttling happened, as it increases counters
  • Failure to retrieve DNSKEYs of an Insecure zone should not be fatal
  • Resize answer length to actual received length in udpQueryResponse
References

Affected packages

SUSE:Package Hub 15 SP4 / pdns-recursor

Package

Name
pdns-recursor
Purl
purl:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.6.6-bp154.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "pdns-recursor": "4.6.6-bp154.2.6.1"
        }
    ]
}

openSUSE:Leap 15.4 / pdns-recursor

Package

Name
pdns-recursor
Purl
purl:rpm/suse/pdns-recursor&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.6.6-bp154.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "pdns-recursor": "4.6.6-bp154.2.6.1"
        }
    ]
}