openSUSE Security Update : pdns-recursor (openSUSE-SU-2014:1685-1)
Medium Nessus Plugin ID 80211
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis pdns-recursor version update fixes the following security issue and non secuirty issues.
Update to upstream release 3.6.2.
- boo#906583: Degraded service through queries to queries to specific domains (CVE-2014-8601)
- Fixed broken _localstatedir
Update to upstream release 3.6.1.
- gab14b4f: expedite servfail generation for ezdns-like failures (fully abort query resolving if we hit more than 50 outqueries)
- g42025be: PowerDNS now polls the security status of a release at startup and periodically. More detail on this feature, and how to turn it off, can be found in Section 2, 'Security polling'.
- g5027429: We did not transmit the right 'local' socket address to Lua for TCP/IP queries in the recursor. In addition, we would attempt to lookup a filedescriptor that wasn't there in an unlocked map which could conceivably lead to crashes. Closes t1828, thanks Winfried for reporting
- g752756c: Sync embedded yahttp copy. API: Replace HTTP Basic auth with static key in custom header
- g6fdd40d: add missing #include <pthread.h> to rec-channel.hh (this fixes building on OS X).
- sync permissions/ownership of home and config dir with the pdns package
- added systemd support for 12.3 and newer
Update to upstrean release 3.5.3.
- This is a bugfix and performance update to 3.5.2. It brings serious performance improvements for dual stack users. For all the details see http://doc.powerdns.com/html/changelog.html#changelog-re cursor-3.5.3
- Remove patch (pdns-recursor-3.3_config.patch)
- Add patch (pdns-recursor-3.5.3_config.patch)
Update to upstrean release 3.5.2.
- Responses without the QR bit set now get matched up to an outstanding query, so that resolution can be aborted early instead of waiting for a timeout.
- The depth limiter changes in 3.5.1 broke some legal domains with lots of indirection.
- Slightly improved logging to aid debugging.
Update to upstream version 3.5.1.
- This is a stability and bugfix update to 3.5. It contains important fixes that improve operation for certain domains. This is a stability, security and bugfix update to 3.3/3.3.1. It contains important fixes for slightly broken domain names, which your users expect to work anyhow. For all details see http://doc.powerdns.com/html/changelog.html#changelog-re cursor-3.5.1
- adapted patches: pdns-rec-lua52.patch pdns-recursor-3.5.1_config.patch
- fixed conditional for different lua versions
- started some basic support to build packages for non suse distros
SolutionUpdate the affected pdns-recursor packages.