AVG-856

Package powerdns-recursor
Status Fixed
Severity Medium
Type multiple issues
Affected 4.1.8-1
Fixed 4.1.9-1
Current 4.2.0-1 [community]
Ticket None
Created Mon Jan 21 23:42:23 2019
Issue Severity Remote Type Description
CVE-2019-3807 Medium Yes Insufficient validation
An issue has been found in PowerDNS Recursor before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA...
CVE-2019-3806 Low Yes Access restriction bypass
An issue has been found in PowerDNS Recursor before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination...
Date Advisory Package Description
24 Jan 2019 ASA-201901-13 powerdns-recursor multiple issues
References
https://blog.powerdns.com/2019/01/21/powerdns-recursor-4-1-9-released/