Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
abdac526 by Salvatore Bonaccorso at 2026-05-04T21:53:12+02:00
Track fixed version for pdns issues fixed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5876,25 +5876,25 @@ CVE-2026-34413 (Xerte Online Toolkits versions 3.15 and
earlier contain a missin
NOT-FOR-US: Xerte Online Toolkits
CVE-2026-33611 (An operator allowed to use the REST API can cause the
Authoritative se ...)
{DSA-6233-1}
- - pdns <unfixed> (bug #1135373)
+ - pdns 5.0.4-1 (bug #1135373)
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE:
https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#insufficient-validation-of-https-and-svcb-records
CVE-2026-33610 (A rogue primary server may cause file descriptor exhaustion
and eventu ...)
{DSA-6233-1}
- - pdns <unfixed> (bug #1135373)
+ - pdns 5.0.4-1 (bug #1135373)
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE:
https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#possible-file-descriptor-exhaustion-in-forward-dnsupdate
CVE-2026-33609 (Incomplete escaping of LDAP queries when running with 8bit-dns
enabled ...)
{DSA-6233-1}
- - pdns <unfixed> (bug #1135373)
+ - pdns 5.0.4-1 (bug #1135373)
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE:
https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#ldap-dn-injection
CVE-2026-33608 (An attacker can send a notify request that causes a new
secondary doma ...)
{DSA-6233-1}
- - pdns <unfixed> (bug #1135373)
+ - pdns 5.0.4-1 (bug #1135373)
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE:
https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#incomplete-domain-name-sanitization-during-bind-autosecondary-zone-transfer
@@ -6545,7 +6545,7 @@ CVE-2026-33257 (An attacker can send a web request that
causes unlimited memory
- pdns-recursor 5.3.0-1
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
- - pdns <unfixed> (bug #1135373)
+ - pdns 5.0.4-1 (bug #1135373)
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE:
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33257-insufficient-input-validation-of-internal-webserver
@@ -6561,7 +6561,7 @@ CVE-2026-33260 (An attacker can send a web request that
causes unlimited memory
- pdns-recursor 5.3.0-1
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
- - pdns <unfixed> (bug #1135373)
+ - pdns 5.0.4-1 (bug #1135373)
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
NOTE:
https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33260-insufficient-input-validation-of-internal-webserver
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abdac526fcc702703cc6bba77513ce795079bf94
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abdac526fcc702703cc6bba77513ce795079bf94
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
