Hello everyone, Today, we are releasing version 3.4.11 of the PowerDNS Authoritative Server. This release fixes several scurity issues that were reported to PowerDNS.
It concerns the following security advisories: * 2016-02: Crafted queries can cause abnormal CPU usage[1] * 2016-03: Denial of service via the web server[2] * 2016-04: Insufficient validation of TSIG signatures[3] * 2016-05: Crafted zone record can cause a denial of service[4] For those who cannot update, minimal patches are available[5,6,7,8] The full changelog is online[9] and reproduced here: * Don't parse spurious RRs in queries when we don't need them (Security Advisory 2016-02) * Don't exit if the webserver can't accept a connection (Security Advisory 2016-03) * Fix TSIG computation (Security Advisory 2016-04) * Correctly check unknown record content size (Security Advisory 2016-05) * Fix a possible memory leak in the webserver * Lowercase the qname in getDomainInfo() and isMaster() * Don't look up the packet cache for TSIG-enabled queries * Fix a stack-based off-by-one write in the HTTP remote backend Tarballs with sources are available (with signatures)[10,11] and we urge all users to upgrade to this new version. Best regards, The PowerDNS team. 1 - https://doc.powerdns.com/3/security/powerdns-advisory-2016-02 2 - https://doc.powerdns.com/3/security/powerdns-advisory-2016-03 3 - https://doc.powerdns.com/3/security/powerdns-advisory-2016-04 4 - https://doc.powerdns.com/3/security/powerdns-advisory-2016-05 5 - https://downloads.powerdns.com/patches/2016-02 6 - https://downloads.powerdns.com/patches/2016-03 7 - https://downloads.powerdns.com/patches/2016-04 8 - https://downloads.powerdns.com/patches/2016-05 9 - https://doc.powerdns.com/3/changelog/#powerdns-authoritative-server-3411 10 - https://downloads.powerdns.com/releases/pdns-3.4.11.tar.bz2 11 - https://downloads.powerdns.com/releases/pdns-3.4.11.tar.bz2.sig -- Pieter Lexis PowerDNS.COM BV -- https://www.powerdns.com
pgpYhsDs4Zrvm.pgp
Description: OpenPGP digital signature
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users