AVG-856 log
| Package | powerdns-recursor |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 4.1.8-1 |
| Fixed | 4.1.9-1 |
| Current | 5.3.1-1 [extra] |
| Ticket | None |
| Created | Mon Jan 21 23:42:23 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-3807 | Medium | Yes | Insufficient validation | An issue has been found in PowerDNS Recursor before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA... |
| CVE-2019-3806 | Low | Yes | Access restriction bypass | An issue has been found in PowerDNS Recursor before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 24 Jan 2019 | ASA-201901-13 | powerdns-recursor | multiple issues |
| References |
|---|
https://blog.powerdns.com/2019/01/21/powerdns-recursor-4-1-9-released/ |