[SECURITY] [DSA 5674-1] pdns-recursor security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5674-1] pdns-recursor security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 25 Apr 2024 19:28:07 +0000
Message-id: <[🔎] Ziqux0MeK86kIqyl@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5674-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 25, 2024                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pdns-recursor
CVE ID         : CVE-2024-25583

It was discovered that PDNS Recursor, a resolving name server, was
susceptible to denial of service if recursive forwarding is configured.

For the stable distribution (bookworm), this problem has been fixed in
version 4.8.8-1.

We recommend that you upgrade your pdns-recursor packages.

For the detailed security status of pdns-recursor please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pdns-recursor

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYqrogACgkQEMKTtsN8
TjbKDg//bFtgtpr7H0WEGL6u5aHSqnIU5HNnKDW3rCy7OdHE6GHrnhADszvImyiH
+IkLXb7uEdoL+Hy4A8ymr9KS+w2Ai90NYAjhYexWuTi4Kse0oKGkPYIEfAmeybf6
zduxdsKJUU7x92VwnMybQN9E6g+a0b6c+UyFYPZpUAywTqU5aT4ZH1KwjwFeu1Ab
1Uj0ySEWdd/qe/ZHS6rWB0SKWTjv15L+lx2IcO6dPDQtZA8B9SpOoTQWtIwroQtx
eZrdH/V9O1D796TFFyrrr1afJCBb++nH7f191qDPrkLCaC7/EhVxEqKrbTHaVwqh
OmsSR9kxvvC9wSA+FshgBfJEFSyPbX7TGOvBNjMBVGr1R/NpQeDY4L9Ta1fz6z0E
UpTCuer+QU9bo5A1LMbC4sEwoGRD2/oSdmgiXSnBfJ7HXsrUUVqTeTmkMDSXwAd7
WFI68awRnNuqC4CqOvynbLc19QeH8TDWNpB4dwVevrXjEdVgQANSAJmcOhN/dyyn
C5WoIDOXPHc9TNtGROxhP84Nj5gKgrkCh3bG5uEHycIT0S+PIWZDJvYAm6YoZKX4
6jZqgGSrz5/Foa0dvOlriQRFtVPpODsNSkVce8Uwvyonc1SxvytcNMugEjBP4ePG
XruQ2wy+RZ4VXJvYNnQImrJ1Vvi0CCygRcK4e/4qaq8o3/fofvk=
=PwIZ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5673-1] glibc security update
Next by Date: [SECURITY] [DSA 5675-1] chromium security update
Previous by thread: [SECURITY] [DSA 5673-1] glibc security update
Next by thread: [SECURITY] [DSA 5675-1] chromium security update
Index(es):
- Date
- Thread