Bug#1069762: pdns-recursor: CVE-2024-25583 - 4.8.8 for stable
* Moritz Muehlenhoff [240425 08:44]: > On Thu, Apr 25, 2024 at 08:37:14AM +0200, Chris Hofstaedtler wrote: > > Hi Moritz, > > > > could we once again use the upstream release for stable? > > debdiff 4.8.7-1 -> 4.8.8-1 is attached. > > Ack. Following the 4.8 releases has served us well. debdiff looks fine, > please build with -sa and upload to security-master. Done. Thanks, Chris
Bug#1069762: pdns-recursor: CVE-2024-25583 - 4.8.8 for stable
On Thu, Apr 25, 2024 at 08:37:14AM +0200, Chris Hofstaedtler wrote: > Hi Moritz, > > could we once again use the upstream release for stable? > debdiff 4.8.7-1 -> 4.8.8-1 is attached. Ack. Following the 4.8 releases has served us well. debdiff looks fine, please build with -sa and upload to security-master. Cheers, Moritz
Bug#1069762: pdns-recursor: CVE-2024-25583
Source: pdns-recursor X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for pdns-recursor. CVE-2024-25583[0]: PowerDNS Security Advisory 2024-02: if recursive forwarding is configured, crafted responses can lead to a denial of service in Recursor https://www.openwall.com/lists/oss-security/2024/04/24/1 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-25583 https://www.cve.org/CVERecord?id=CVE-2024-25583 Please adjust the affected versions in the BTS as needed.