| Summary: | pdns new security issues CVE-2019-1016[23] and CVE-2019-10203 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | Dimitri Jakov <mitya> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | geiger.david68210, mageia, marja11 |
| Version: | 7 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | pdns-4.1.8-1.mga7.src.rpm | CVE: | |
| Status comment: | Fixed upstream in 4.1.11 | ||
| Bug Depends on: | 27310 | ||
| Bug Blocks: | |||
|
Description
David Walser
2019-06-23 18:44:50 CEST
David Walser
2019-06-23 18:45:04 CEST
Status comment:
(none) =>
Fixed upstream in 4.1.10 Assigning to our registered pdns maintainer. Assignee:
bugsquad =>
mitya CC'ing daviddavid, who pushed this package many times, because I haven't recently seen mitya. CC:
(none) =>
geiger.david68210 Upstream has issued an advisory on July 30: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html The issue is fixed in 4.1.11, but also requires manual intervention by the sysadmin, so we'll need to include a note about that in our advisory. https://blog.powerdns.com/2019/08/01/security-notice-for-powerdnspostgres-users/ Summary:
pdns new security issues CVE-2019-1016[23] =>
pdns new security issues CVE-2019-1016[23] and CVE-2019-10203 Debian advisory for the first two CVEs from June 23: https://www.debian.org/security/2019/dsa-4470 openSUSE has issued an advisory for this on August 15: https://lists.opensuse.org/opensuse-updates/2019-08/msg00090.html
Nicolas Lécureuil
2020-05-22 14:05:58 CEST
Whiteboard:
MGA7TOO, MGA6TOO =>
MGA7TOO Fixed in: https://advisories.mageia.org/MGASA-2020-0375.html but that advisory needs to be updated. Depends on:
(none) =>
27310 |