Parent Directory | Revision Log
Adding security advisory for pdns mga#27310
1 | type: security |
2 | subject: Updated pdns packages fix security vulnerability |
3 | CVE: |
4 | - CVE-2020-17482 |
5 | src: |
6 | 7: |
7 | core: |
8 | - pdns-4.1.14-1.mga7 |
9 | description: | |
10 | An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an |
11 | authorized user with the ability to insert crafted records into a zone might be |
12 | able to leak the content of uninitialized memory. Such a user could be a |
13 | customer inserting data via a control panel, or somebody with access to the |
14 | REST API. Crafted records cannot be inserted via AXFR (CVE-2020-17482). |
15 | |
16 | The pdns package has been updated to versoin 4.1.14, fixing this issue and |
17 | several other bugs. See the upstream changelog for details. |
18 | references: |
19 | - https://bugs.mageia.org/show_bug.cgi?id=27310 |
20 | - https://doc.powerdns.com/authoritative/changelog/4.1.html#change-4.1.14 |
21 | - https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html |
ViewVC Help | |
Powered by ViewVC 1.1.30 |