Security update for pdns SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:0183-1 Final 1 1 2017-01-17T14:22:21Z current 2017-01-17T14:22:21Z 2017-01-17T14:22:21Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for pdns This update for pdns fixes the following issues: - CVE-2016-2120: Crafted zone record could have caused a denial of service (bsc#1018329). - CVE-2016-7068: Crafted queries could have caused abnormal CPU usage (bsc#1018326). - CVE-2016-7072: Denial of service via the web server (bsc#1018327). - CVE-2016-7073: Fixed insufficient validation of TSIG signatures (bsc#1018328). - CVE-2016-7074: Fixed insufficient validation of TSIG signatures ((bsc#1018328). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-01/msg00102.html E-Mail link for openSUSE-SU-2017:0183-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 openSUSE Leap 42.2 pdns-3.4.9-3.1 pdns-backend-ldap-3.4.9-3.1 pdns-backend-lua-3.4.9-3.1 pdns-backend-mydns-3.4.9-3.1 pdns-backend-mysql-3.4.9-3.1 pdns-backend-postgresql-3.4.9-3.1 pdns-backend-sqlite3-3.4.9-3.1 pdns-3.4.9-3.1 as a component of openSUSE Leap 42.1 pdns-backend-ldap-3.4.9-3.1 as a component of openSUSE Leap 42.1 pdns-backend-lua-3.4.9-3.1 as a component of openSUSE Leap 42.1 pdns-backend-mydns-3.4.9-3.1 as a component of openSUSE Leap 42.1 pdns-backend-mysql-3.4.9-3.1 as a component of openSUSE Leap 42.1 pdns-backend-postgresql-3.4.9-3.1 as a component of openSUSE Leap 42.1 pdns-backend-sqlite3-3.4.9-3.1 as a component of openSUSE Leap 42.1 pdns-3.4.9-3.1 as a component of openSUSE Leap 42.2 pdns-backend-ldap-3.4.9-3.1 as a component of openSUSE Leap 42.2 pdns-backend-lua-3.4.9-3.1 as a component of openSUSE Leap 42.2 pdns-backend-mydns-3.4.9-3.1 as a component of openSUSE Leap 42.2 pdns-backend-mysql-3.4.9-3.1 as a component of openSUSE Leap 42.2 pdns-backend-postgresql-3.4.9-3.1 as a component of openSUSE Leap 42.2 pdns-backend-sqlite3-3.4.9-3.1 as a component of openSUSE Leap 42.2 An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to an integer overflow when checking if the content of the record matches the expected size, allowing an attacker to cause a read past the buffer boundary. CVE-2016-2120 openSUSE Leap 42.1:pdns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-sqlite3-3.4.9-3.1 openSUSE Leap 42.2:pdns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-sqlite3-3.4.9-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-01/msg00102.html https://www.suse.com/security/cve/CVE-2016-2120.html CVE-2016-2120 https://bugzilla.suse.com/1018329 SUSE Bug 1018329 An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded. This issue is based on the fact that the PowerDNS server parses all records present in a query regardless of whether they are needed or even legitimate. A specially crafted query containing a large number of records can be used to take advantage of that behaviour. CVE-2016-7068 openSUSE Leap 42.1:pdns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-sqlite3-3.4.9-3.1 openSUSE Leap 42.2:pdns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-sqlite3-3.4.9-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-01/msg00102.html https://www.suse.com/security/cve/CVE-2016-7068.html CVE-2016-7068 https://bugzilla.suse.com/1018326 SUSE Bug 1018326 An issue has been found in PowerDNS Authoritative Server before 3.4.11 and 4.0.2 allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number of TCP connections to the web server. If the web server runs out of file descriptors, it triggers an exception and terminates the whole PowerDNS process. While it's more complicated for an unauthorized attacker to make the web server run out of file descriptors since its connection will be closed just after being accepted, it might still be possible. CVE-2016-7072 openSUSE Leap 42.1:pdns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-sqlite3-3.4.9-3.1 openSUSE Leap 42.2:pdns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-sqlite3-3.4.9-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-01/msg00102.html https://www.suse.com/security/cve/CVE-2016-7072.html CVE-2016-7072 https://bugzilla.suse.com/1018327 SUSE Bug 1018327 An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check of the TSIG time and fudge values was found in AXFRRetriever, leading to a possible replay attack. CVE-2016-7073 openSUSE Leap 42.1:pdns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-sqlite3-3.4.9-3.1 openSUSE Leap 42.2:pdns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-sqlite3-3.4.9-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-01/msg00102.html https://www.suse.com/security/cve/CVE-2016-7073.html CVE-2016-7073 https://bugzilla.suse.com/1018328 SUSE Bug 1018328 An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 4.0.4, allowing an attacker in position of man-in-the-middle to alter the content of an AXFR because of insufficient validation of TSIG signatures. A missing check that the TSIG record is the last one, leading to the possibility of parsing records that are not covered by the TSIG signature. CVE-2016-7074 openSUSE Leap 42.1:pdns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.1:pdns-backend-sqlite3-3.4.9-3.1 openSUSE Leap 42.2:pdns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-ldap-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-lua-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mydns-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-mysql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-postgresql-3.4.9-3.1 openSUSE Leap 42.2:pdns-backend-sqlite3-3.4.9-3.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-01/msg00102.html https://www.suse.com/security/cve/CVE-2016-7074.html CVE-2016-7074 https://bugzilla.suse.com/1018328 SUSE Bug 1018328