Page MenuHomeVyOS Platform

[Security Advisory] PowerDNS Recursor 4.1.9 Released
Closed, ResolvedPublicBUG

Description

We are very happy to announce the 4.1.9 release of the PowerDNS Recursor. This release is fixing two security issues, and addressing a shortcoming in the way incoming queries are distributed to threads under heavy load.This release fixes the following security issues:

PowerDNS Security Advisory 2019-01 (CVE-2019-3806): Lua hooks are not called over TCP
PowerDNS Security Advisory 2019-02 (CVE-2019-3807): DNSSEC validation is not performed for AA=0 responses

These issues respectively affect PowerDNS Recursor from 4.1.4 and 4.1.0, up to and including 4.1.8. PowerDNS Recursor 4.0.x and below are not affected.

Details

Version
1.2.0-EPA3

Event Timeline

vyos 1.2.0-rolling+201906161308 has pdns_recursor 4.1.14, should this be marked as fixed?

@jjakob yes. Each ISO always ships the latest available PowerDNS version that is released and available via https://repo.powerdns.com/

c-po triaged this task as High priority.
c-po edited a custom field.