This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This pdns-recursor version update fixes the following security issue
and non secuirty issues.
Update to upstream release 3.6.2.
- boo#906583: Degraded service through queries to queries
to specific domains (CVE-2014-8601)
- Fixed broken _localstatedir
Update to upstream release 3.6.1.
- gab14b4f: expedite servfail generation for ezdns-like
failures (fully abort query resolving if we hit more
than 50 outqueries)
- g42025be: PowerDNS now polls the security status of a
release at startup and periodically. More detail on this
feature, and how to turn it off, can be found in Section
2, 'Security polling'.
- g5027429: We did not transmit the right 'local' socket
address to Lua for TCP/IP queries in the recursor. In
addition, we would attempt to lookup a filedescriptor
that wasn't there in an unlocked map which could
conceivably lead to crashes. Closes t1828, thanks
Winfried for reporting
- g752756c: Sync embedded yahttp copy. API: Replace HTTP
Basic auth with static key in custom header
- g6fdd40d: add missing #include <pthread.h> to
rec-channel.hh (this fixes building on OS X).
- sync permissions/ownership of home and config dir with
the pdns package
- added systemd support for 12.3 and newer
Update to upstrean release 3.5.3.
- This is a bugfix and performance update to 3.5.2. It
brings serious performance improvements for dual stack
users. For all the details see
- Remove patch (pdns-recursor-3.3_config.patch)
- Add patch (pdns-recursor-3.5.3_config.patch)
Update to upstrean release 3.5.2.
- Responses without the QR bit set now get matched up to
an outstanding query, so that resolution can be aborted
early instead of waiting for a timeout.
- The depth limiter changes in 3.5.1 broke some legal
domains with lots of indirection.
- Slightly improved logging to aid debugging.
Update to upstream version 3.5.1.
- This is a stability and bugfix update to 3.5. It
contains important fixes that improve operation for
certain domains. This is a stability, security and
bugfix update to 3.3/3.3.1. It contains important fixes
for slightly broken domain names, which your users
expect to work anyhow. For all details see
- adapted patches: pdns-rec-lua52.patch
- fixed conditional for different lua versions
- started some basic support to build packages for non
See also :
Update the affected pdns-recursor packages.
Risk factor :
Medium / CVSS Base Score : 5.0