Lucene search
SuseOPENSUSE-SU-2022:10171-1HistoryOct 30, 2022 - 12:00 a.m.
Security update for pdns-recursor (important)
2022-10-3000:00:00
lists.opensuse.org
10
pdns-recursor
update
vulnerability
fix
incomplete exception handling
protobuf message generation
nsec
ns
soa
cname
ds query
root hints
opensuse
sle-15-sp4
zypper patch
0.002 Low
EPSS
Percentile
52.0%
An update that fixes one vulnerability is now available.
Description:
This update for pdns-recursor fixes the following issues:
pdns-recursor was updated to 4.6.3:
- fixes incomplete exception handling related to protobuf message
generation (boo#1202664, CVE-2022-37428)
pdns-recursor was updated to 4.6.2:
- Reject non-apex NSEC(3)s that have both the NS and SOA bits set
- A CNAME answer on DS query should abort DS retrieval
- Allow disabling of processing the root hints
- If we get NODATA on an AAAA in followCNAMERecords, try native dns64
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10171=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP4 | aarch64 | - opensuse backports sle | < 15-SP4 (aarch64 ppc64le x86_64): | - openSUSE Backports SLE-15-SP4 (aarch64 ppc64le x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP4 | ppc64le | - opensuse backports sle | < 15-SP4 (aarch64 ppc64le x86_64): | - openSUSE Backports SLE-15-SP4 (aarch64 ppc64le x86_64):.ppc64le.rpm |
| openSUSE Backports SLE | 15-SP4 | x86_64 | - opensuse backports sle | < 15-SP4 (aarch64 ppc64le x86_64): | - openSUSE Backports SLE-15-SP4 (aarch64 ppc64le x86_64):.x86_64.rpm |
Related
nessus
nessus
fedora
fedora
[SECURITY] Fedora 36 Update: pdns-recursor-4.6.3-1.fc36
2022-09-01 09:41:49
openvas
openvas
Fedora: Security Advisory for pdns-recursor (FEDORA-2022-d1dcd9b046)
2022-09-03 00:00:00
PowerDNS Recursor DoS Vulnerability (2022-02)
2022-08-24 00:00:00
ubuntucve
ubuntucve
CVE-2022-37428
2022-08-23 00:00:00
osv
osv
CVE-2022-37428
2022-08-23 17:15:15
veracode
veracode
Denial Of Service (DoS)
2022-08-26 12:35:29
debiancve
debiancve
CVE-2022-37428
2022-08-23 17:15:15
cve
cve
CVE-2022-37428
2022-08-23 17:15:15
cvelist
cvelist
CVE-2022-37428
2022-08-23 16:33:04
freebsd
freebsd
powerdns-recursor -- denial of service
2022-08-23 00:00:00
prion
prion
Input validation
2022-08-23 17:15:00
nvd
nvd
CVE-2022-37428
2022-08-23 17:15:15
alpinelinux
alpinelinux
CVE-2022-37428
2022-08-23 17:15:15