Bug#1127490: marked as done (pdns-recursor: CVE-2026-24027 CVE-2026-0398)
Your message dated Thu, 19 Feb 2026 23:04:31 + with message-id and subject line Bug#1127490: fixed in pdns-recursor 5.2.8-0+deb13u1 has caused the Debian Bug report #1127490, regarding pdns-recursor: CVE-2026-24027 CVE-2026-0398 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 1127490: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490 Debian Bug Tracking System Contact [email protected] with problems --- Begin Message --- Source: pdns-recursor Version: 5.3.4-2 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team Control: found -1 5.2.7-0+deb13u1 Hi, The following vulnerability was published for pdns-recursor. CVE-2026-24027[0]: | Crafted zones can lead to increased incoming network traffic. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-24027 https://www.cve.org/CVERecord?id=CVE-2026-24027 [1] https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html Regards, Salvatore --- End Message --- --- Begin Message --- Source: pdns-recursor Source-Version: 5.2.8-0+deb13u1 Done: Chris Hofstaedtler We believe that the bug you reported is fixed in the latest version of pdns-recursor, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Hofstaedtler (supplier of updated pdns-recursor package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Feb 2026 23:05:53 +0100 Source: pdns-recursor Architecture: source Version: 5.2.8-0+deb13u1 Distribution: trixie-security Urgency: medium Maintainer: pdns-recursor packagers Changed-By: Chris Hofstaedtler Closes: 1127490 Changes: pdns-recursor (5.2.8-0+deb13u1) trixie-security; urgency=medium . * New upstream version 5.2.8, fixing CVE-2026-24027 CVE-2026-0398 (Closes: #1127490) Checksums-Sha1: 12bde2dac486f1a27d6ac894f66c5813ff375d2e 2808 pdns-recursor_5.2.8-0+deb13u1.dsc 593722d0ebefe11a42ee32d5943e23568e54d453 1732362 pdns-recursor_5.2.8.orig.tar.bz2 0f9ab5aab8fe88f2ba141916f7470f9d56395d3a 16824 pdns-recursor_5.2.8-0+deb13u1.debian.tar.xz 2b666ca3eba51d57d03b477c1f03a53771eb00c9 15148 pdns-recursor_5.2.8-0+deb13u1_arm64.buildinfo Checksums-Sha256: 7fc9cf0130aa15b58c64999d6f8a99deeff49b72e94a0ffc940cfc24f34119aa 2808 pdns-recursor_5.2.8-0+deb13u1.dsc f4d30ad7d258b948421b7674a9e51d1a82b23dfad5eaeea04d6fa5c2017ec93f 1732362 pdns-recursor_5.2.8.orig.tar.bz2 fed681fc23e2a6fcba3ec406aad5c0b851cd503d5de0db3e22fd615db067de6e 16824 pdns-recursor_5.2.8-0+deb13u1.debian.tar.xz ddf17c7ab7eed535614e8b8e8d7c0535b5b8f62ff997b6bba3bf814ef4b02a29 15148 pdns-recursor_5.2.8-0+deb13u1_arm64.buildinfo Files: ec7dde15f2e066b2572c6a6b670dc689 2808 net optional pdns-recursor_5.2.8-0+deb13u1.dsc 309e2fee683e4df4ae62d3186fbe7625 1732362 net optional pdns-recursor_5.2.8.orig.tar.bz2 ac4294a71673b6e20dc80e57e38483d2 16824 net optional pdns-recursor_5.2.8-0+deb13u1.debian.tar.xz 673bf1ddd23206b196feaee1028eb93d 15148 net optional pdns-recursor_5.2.8-0+deb13u1_arm64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAmmOTzcACgkQXBPW25MF LgO/8Q/+MBlLvO7F8httYmzGUOP59kFJXJEW5Jvt6FrkwHGtcjsR41Ax1ujy3rgL lPFYq0wYxs+6NpAoUutmeAfoqY7NHnIMk5mI0lzu6apweU4O/KhyZRHc9rLO+47T ky0OsfwFbttu6s2FMLYLE/7LCDrcVpabqQvnm8jo6sfWcErttufoNtzQqYRQwL1c 4TFptQRlvWHjq8+TQxaGhV/CheOCmjDT9V/VaIl6AgyWiolBYWS+6XW9HokItYb4 Lhp5NcHd3t4EXQ0U8ANIJY4iEHeWygNDIpDTseM8K3kEWoZSGQi4r+YkPLtj3kMP gHud/LTe96XdYFMjnGoLktDT//BmGkI26xpXGSf2pXiM49KPlTZwo2MBzXWdhfKQ 4SCst5aKxnALdC5zDu+EhMDY3ZWXfxduDQdHrWG5WufJZ6zYNAsdExm23L6ar7G/ JfSu+6nYspKuJcsXhIcbnF7JhWJRtbUAZXwL3AccVezVYTqa6DG1DbHzHQFVHYYK wCitEeQe5CAbTUQxJTKYwduWd1rWfo5ogQuxzuv47rxwDx4mPCCw3sn0Re7r5I4b t8skq2D9fTZNvMcVa67FQWtoK5ug1aCYxnUeEDHPjBDKpUBI0KzCWWuPwthgTRTG ZqIAgiwpFthG5Ekf44oCRLbsI11fFLsLe17WDsGeuzUOQDEvuk4= =rweJ -END PGP SIGNATURE- pgpE9_DR02sE2.pgp Description: PGP signature --- End Message ---
Bug#1127490: marked as done (pdns-recursor: CVE-2026-24027 CVE-2026-0398)
Your message dated Wed, 11 Feb 2026 15:20:28 + with message-id and subject line Bug#1127490: fixed in pdns-recursor 5.3.5-1 has caused the Debian Bug report #1127490, regarding pdns-recursor: CVE-2026-24027 CVE-2026-0398 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 1127490: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490 Debian Bug Tracking System Contact [email protected] with problems --- Begin Message --- Source: pdns-recursor Version: 5.3.4-2 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team Control: found -1 5.2.7-0+deb13u1 Hi, The following vulnerability was published for pdns-recursor. CVE-2026-24027[0]: | Crafted zones can lead to increased incoming network traffic. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-24027 https://www.cve.org/CVERecord?id=CVE-2026-24027 [1] https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html Regards, Salvatore --- End Message --- --- Begin Message --- Source: pdns-recursor Source-Version: 5.3.5-1 Done: Chris Hofstaedtler We believe that the bug you reported is fixed in the latest version of pdns-recursor, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Chris Hofstaedtler (supplier of updated pdns-recursor package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 11 Feb 2026 15:13:35 +0100 Source: pdns-recursor Architecture: source Version: 5.3.5-1 Distribution: unstable Urgency: medium Maintainer: pdns-recursor packagers Changed-By: Chris Hofstaedtler Closes: 1127490 Changes: pdns-recursor (5.3.5-1) unstable; urgency=medium . * New upstream version 5.3.5 Fixes CVE-2026-24027, CVE-2026-0398 (Closes: #1127490) Checksums-Sha1: 60431dac51e64a3c9729bcbf6a153a835bc728fb 3176 pdns-recursor_5.3.5-1.dsc 08e289abf0480ff5af7e47dae2f2d171f81e0d36 1367860 pdns-recursor_5.3.5.orig.tar.xz 586c6b362d6e71d8edf913e60cacdc5a9ee2c2b6 18068 pdns-recursor_5.3.5-1.debian.tar.xz 4c9861445dcee2e0a528d52bd2db1bce643ce124 25562 pdns-recursor_5.3.5-1_arm64.buildinfo Checksums-Sha256: 726358b398e93565a6eb74e9e8c25e200f41492ecae9c567a30fad264ecbf33a 3176 pdns-recursor_5.3.5-1.dsc 74497ae620167d857ce2d5702bd14018e5f4c848e878f29cef51581a74b0d05e 1367860 pdns-recursor_5.3.5.orig.tar.xz 5f4480a3a63ce669b9b4906382691a56dd471ba9af4b8148ac92fa20acb3d487 18068 pdns-recursor_5.3.5-1.debian.tar.xz aa3d82a63780f9c84073071f5fe5451d3d0bcedd3e709e79fc6d2223bf08ade9 25562 pdns-recursor_5.3.5-1_arm64.buildinfo Files: 228090460d29c815274aca78a33ec8af 3176 net optional pdns-recursor_5.3.5-1.dsc e0321fdbe460bc30c002fa4243bc6c5f 1367860 net optional pdns-recursor_5.3.5.orig.tar.xz aacccba2c50f58543fd3a719f0f17fc1 18068 net optional pdns-recursor_5.3.5-1.debian.tar.xz 9f31ab14874d9ab64ea9edfacd390ab5 25562 net optional pdns-recursor_5.3.5-1_arm64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAmmMmokACgkQXBPW25MF LgOS6hAAoQUNb9CXzmRH0xln1o6op92+kC758c061c41vlxBxIZyrQyPfYz1OfOm RYfKtUqIfAuBKldjzJGEFv/whn31H5iPfrQ3BsVgh8Obfyz8yg2RhBYJR6ZQM6t/ XsNFkUXztlXrmZrawitBJFtErGElPQIVgWcLdjoLsanuVtkQekEXOnzDKfPomJ5v D9OHPDtfThaNV7IOCQMMZDDd6RQJ3999bCAxd/B2ddPHuxRzzaXPzBee+yPOviXC uHtzZmW8CYAGzSeBuIh0nmTOf2BdzwXwOwVGHvoxqH/hbFl9GUDaIB397pApTbGv IQPehdtX+hRtz/kC+cMN7Cz1ztttSPUgv36VZ3gPbSN+8cX77f7TuIL7kaVM7pQM Cvmtu+dEM2WYbF9y2yP1/NMvkVc2Vv3RpwbkSfVTHtnE0UNqWb4itPuXQKDtgR0z LP7KHnKCtaeky8jyKR0URwUYNbBJBNmy5rMMbJiATYFh0hC+SPGleCvFRFcb/eVN NzDl7APYK5Q5zNYQTfxLSTZGPZhAVLV8lJXPue91CBxUxhKGVi5iys7+Ro2feoVl nvOps9o2wdW2trYypey0EafhRsiVD4XF0NGrlxFO0RJpQ0WIIQnhZ6ujXz/K5kT9 tb2Drp/05PSieAVCUaSpxhTZur2tbcbuuorT46DaFxH/VqRTLEg= =BWt1 -END PGP SIGNATURE- pgpsZ_rd4bLR_.pgp Description: PGP signature --- End Message ---
