openSUSE Security Update : pdns (openSUSE-2019-1904)
Medium Nessus Plugin ID 127996
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for pdns fixes the following issues :
Security issues fixed :
- CVE-2019-10203: Updated PostgreSQL schema to address a possible denial of service by an authorized user by inserting a crafted record in a MASTER type zone under their control. (boo#1142810)
- CVE-2019-10162: Fixed a denial of service but when authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. (boo#1138582)
- CVE-2019-10163: Fixed a denial of service of slave server when an authorized master server sends large number of NOTIFY messages. (boo#1138582)
Non-security issues fixed :
- Enabled the option to disable superslave support.
- Fixed `pdnsutil b2b-migrate` to not lose NSEC3 settings.
SolutionUpdate the affected pdns packages.