Your message dated Wed, 24 Apr 2024 13:19:36 +0000
with message-id <e1rzcxa-00eai1...@fasolo.debian.org>
and subject line Bug#1069762: fixed in pdns-recursor 4.9.5-1
has caused the Debian Bug report #1069762,
regarding pdns-recursor: CVE-2024-25583
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1069762: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069762
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: pdns-recursor
X-Debbugs-CC: t...@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerability was published for pdns-recursor.
CVE-2024-25583[0]:
PowerDNS Security Advisory 2024-02: if recursive forwarding is
configured, crafted responses can lead to a denial of service in Recursor
https://www.openwall.com/lists/oss-security/2024/04/24/1
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-25583
https://www.cve.org/CVERecord?id=CVE-2024-25583
Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: pdns-recursor
Source-Version: 4.9.5-1
Done: Chris Hofstaedtler <z...@debian.org>
We believe that the bug you reported is fixed in the latest version of
pdns-recursor, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1069...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Hofstaedtler <z...@debian.org> (supplier of updated pdns-recursor package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 24 Apr 2024 14:19:26 +0200
Source: pdns-recursor
Architecture: source
Version: 4.9.5-1
Distribution: unstable
Urgency: medium
Maintainer: pdns-recursor packagers <pdns-recur...@packages.debian.org>
Changed-By: Chris Hofstaedtler <z...@debian.org>
Closes: 1069762
Changes:
pdns-recursor (4.9.5-1) unstable; urgency=medium
.
* New upstream version 4.9.5, including fix for CVE-2024-25583
(Closes: #1069762)
Checksums-Sha1:
1324089baae0d3ad5dcc1331d3f8c5cff8c9ecd5 2871 pdns-recursor_4.9.5-1.dsc
da8bc013ee0fef9e4e18a2e023c26cc10648d574 1556147
pdns-recursor_4.9.5.orig.tar.bz2
04271a59919ac5f9084a73384beae7b8e3eced0d 488
pdns-recursor_4.9.5.orig.tar.bz2.asc
d33467707919ef469741a7aa4e47de8784277cb9 23728
pdns-recursor_4.9.5-1.debian.tar.xz
e11dae70c571471e9b7f8034b161926a2d7d6980 9647
pdns-recursor_4.9.5-1_arm64.buildinfo
Checksums-Sha256:
284ce1b6af758bee617a38a3e893c357d0c82e3a2a15f17d6fdad49fcaf17a70 2871
pdns-recursor_4.9.5-1.dsc
1d062be88c70c27200821c1c6154ee68e4efec395eff588ee1e73c4e81e4f51e 1556147
pdns-recursor_4.9.5.orig.tar.bz2
dfd0d2e16b9a304da858c6dd01abf465fb759ddd83db4e0dcad53a2a4fa13087 488
pdns-recursor_4.9.5.orig.tar.bz2.asc
df65b867c04cc6b91736705a2cb64d6d85e58bd63c000f744963c5cad4248a86 23728
pdns-recursor_4.9.5-1.debian.tar.xz
067255269eb32eada41904154c2fe995bd559f97747f9d00008e44086c2d27e7 9647
pdns-recursor_4.9.5-1_arm64.buildinfo
Files:
f122f2cfe183c33ed4e3bde8aaa59472 2871 net optional pdns-recursor_4.9.5-1.dsc
ffb6a13c94a32f21780df601d56bd970 1556147 net optional
pdns-recursor_4.9.5.orig.tar.bz2
9e4360c9a06d4744b164867ce7be67c1 488 net optional
pdns-recursor_4.9.5.orig.tar.bz2.asc
af3414311b44df3acd1b5ea494a6be07 23728 net optional
pdns-recursor_4.9.5-1.debian.tar.xz
f4b94c5a60e93003dfda463889a96523 9647 net optional
pdns-recursor_4.9.5-1_arm64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAmYpA78ACgkQXBPW25MF
LgNySxAAnEkSmj5PY4FswwPFioesg8Qk6AUXKIddWh375WFy9ef0fYxm6C3a094I
ty5pMMsmWXnHGxR5L+ctOnS8RO5ZDtD3FPyYvs2SDDdMG0yAwoP8mc3uJUuja9/J
LoeFdWpvtc9do0gstB4X+TiI62iuQol4iqu3DcPf8n+UEfsICIijnV+5rQ3jgt+q
WTJvBjNWckFr7k+5R3lQPVc42kMv/gqrdNOT0MPponsiRWVFGC3vPUddzO1yz7BH
yu9GWoljB3vG+N1o2v187xhjdmBZLYWVzl8K79rkyjtktwNXcsn/CQ3ND1XE26Ym
K0POiF5ihL2+wdNu0t45C9Y9hiY0vvewMSHZDzXVAvuCZ5f/WV1lT89KGKLobg1a
9Ww2IWNy88n/8BOFEA44vDtwot1PzzC0Gm09XRbcMiIQHcJnbE2DLzS4uQxC0Oa8
Gl8M6lHLUC2yiCTwosRftRuX94L9PsTOnW+yVFTsQ29SjN6Vi2Yi/ugAN4WnsbFu
8/sKxet3g0dDrxymLan3M+8oQcTmHBV5rac8tfK4bRHFGLgw3uwV9kx9ZD3QGt/o
mKselbvZgoi8DsYUTv+txADo64nP5nto1ZXpP4CJ0rAOJcdDSqMZePigLzGVQ57o
wmyO2LNHZd03+bzk2EJGN/4+RpBwznc/iKltZmbUbu7ge4gyYRw=
=QZW8
-----END PGP SIGNATURE-----
pgpjUuLIxFAS1.pgp
Description: PGP signature
--- End Message ---
