Page MenuHomeVyOS Platform
Create Task
Maniphest T1189

[Security Advisory] PowerDNS Recursor 4.1.9 Released
Closed, ResolvedPublicBUG
Actions

Description

We are very happy to announce the 4.1.9 release of the PowerDNS Recursor. This release is fixing two security issues, and addressing a shortcoming in the way incoming queries are distributed to threads under heavy load.This release fixes the following security issues:

PowerDNS Security Advisory 2019-01 (CVE-2019-3806): Lua hooks are not called over TCP
PowerDNS Security Advisory 2019-02 (CVE-2019-3807): DNSSEC validation is not performed for AA=0 responses

These issues respectively affect PowerDNS Recursor from 4.1.4 and 4.1.0, up to and including 4.1.8. PowerDNS Recursor 4.0.x and below are not affected.

Details

Version
1.2.0-EPA3

Event Timeline

rherold created this task.Jan 21 2019, 2:00 PM
pasik subscribed.Jan 21 2019, 9:43 PM
jjakob subscribed.Jun 16 2019, 5:33 PM

vyos 1.2.0-rolling+201906161308 has pdns_recursor 4.1.14, should this be marked as fixed?

c-po subscribed.Jun 16 2019, 6:37 PM

@jjakob yes. Each ISO always ships the latest available PowerDNS version that is released and available via https://repo.powerdns.com/

c-po moved this task from Needs Triage to Finished on the VyOS 1.2 Crux ( VyOS 1.2.0-EPA) board.Jun 16 2019, 6:38 PM

VyOS 1.2.1 ships PowerDNS 4.1.12

c-po closed this task as Resolved.Jun 16 2019, 6:39 PM
c-po triaged this task as High priority.
c-po edited a custom field.