Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-12-SP1
patchinfo.7992
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7992
<patchinfo incident="7992"> <issue id="1077154" tracker="bnc">VUL-0: CVE-2018-1000003: pdns-recursor: input validation bugs in DNSSEC validators components</issue> <issue id="1069242" tracker="bnc">VUL-0: CVE-2017-15090, CVE-2017-15091, CVE-2017-15092, CVE-2017-15093, CVE-2017-15094: pdns: Multiple security issues</issue> <issue id="2018-1000003" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>adamm</packager> <description>This update for pdns-recursor fixes the following issues: - update to 4.1.2 - New Features - #6344: Add FFI version of gettag(). - Improvements - #6298, #6303, #6268, #6290: Add the option to set the AXFR timeout for RPZs. - #6172: IXFR: correct behavior of dealing with DNS Name with multiple records and speed up IXFR transaction (Leon Xu). - #6379: Add RPZ statistics endpoint to the API. - Bug Fixes - #6336, #6293, #6237: Retry loading RPZ zones from server when they fail initially. - #6300: Fix ECS-based cache entry refresh code. - #6320: Fix ECS-specific NS AAAA not being returned from the cache. - update to version 4.1.1: + Fixes security vulnerability where man-in-the-middle to send a NXDOMAIN answer for a DNSSEC name that does exist. (boo#1077154, CVE-2018-1000003) + Don't validate signature for "glue" CNAME, since anything else than the initial CNAME can’t be considered authoritative. - update to version 4.0.7: (boo#1069242)</description> <summary>Security update for pdns-recursor</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor