pdns-recursor-4.0.3-1.2 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10537 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z pdns-recursor-4.0.3-1.2 on GA media These are all security issues fixed in the pdns-recursor-4.0.3-1.2 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10537 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10537 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2009-4009/ SUSE CVE CVE-2009-4009 page https://www.suse.com/security/cve/CVE-2014-8601/ SUSE CVE CVE-2014-8601 page https://www.suse.com/security/cve/CVE-2015-1868/ SUSE CVE CVE-2015-1868 page https://www.suse.com/security/cve/CVE-2016-6172/ SUSE CVE CVE-2016-6172 page openSUSE Tumbleweed pdns-recursor-4.0.3-1.2 pdns-recursor-4.0.3-1.2 as a component of openSUSE Tumbleweed Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets. CVE-2009-4009 openSUSE Tumbleweed:pdns-recursor-4.0.3-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-4009.html CVE-2009-4009 https://bugzilla.suse.com/567990 SUSE Bug 567990 PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service ("performance degradations") via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it. CVE-2014-8601 openSUSE Tumbleweed:pdns-recursor-4.0.3-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-8601.html CVE-2014-8601 https://bugzilla.suse.com/906583 SUSE Bug 906583 The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself. CVE-2015-1868 openSUSE Tumbleweed:pdns-recursor-4.0.3-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-1868.html CVE-2015-1868 https://bugzilla.suse.com/927569 SUSE Bug 927569 https://bugzilla.suse.com/943078 SUSE Bug 943078 PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response. CVE-2016-6172 openSUSE Tumbleweed:pdns-recursor-4.0.3-1.2 important 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-6172.html CVE-2016-6172 https://bugzilla.suse.com/987872 SUSE Bug 987872