Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2018-10851 CVE-2018-14626 CVE-2018-14644

Related Vulnerabilities: CVE-2018-10851   CVE-2018-14626   CVE-2018-14644  

Source

Debian Bug report logs - #913162
CVE-2018-10851 CVE-2018-14626 CVE-2018-14644

version graph

Package: pdns-recursor; Maintainer for pdns-recursor is pdns-recursor packagers <pdns-recursor@packages.debian.org>; Source for pdns-recursor is src:pdns-recursor (PTS, buildd, popcon).

Reported by: Moritz Muehlenhoff <jmm@debian.org>

Date: Wed, 7 Nov 2018 18:33:02 UTC

Severity: grave

Tags: security, upstream

Found in version pdns-recursor/4.1.4-3

Fixed in version pdns-recursor/4.1.7-1

Done: Chris Hofstaedtler <zeha@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, pdns-recursor packagers <pdns-recursor@packages.debian.org>:
Bug#913162; Package pdns-recursor. (Wed, 07 Nov 2018 18:33:04 GMT) (full text, mbox, link).

Acknowledgement sent to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, pdns-recursor packagers <pdns-recursor@packages.debian.org>. (Wed, 07 Nov 2018 18:33:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2018-10851 CVE-2018-14626 CVE-2018-14644
Date: Wed, 07 Nov 2018 19:30:45 +0100
Package: pdns-recursor
Severity: grave
Tags: security

Please see

CVE-2018-10851:
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html
https://downloads.powerdns.com/patches/2018-04/

CVE-2018-14626:
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-06.html
https://downloads.powerdns.com/patches/2018-06/

CVE-2018-14644:
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-07.html
https://downloads.powerdns.com/patches/2018-07/

Cheers,
        Moritz

Marked as found in versions pdns-recursor/4.1.4-3. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 07 Nov 2018 19:48:10 GMT) (full text, mbox, link).

Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 07 Nov 2018 19:48:11 GMT) (full text, mbox, link).

Reply sent to Chris Hofstaedtler <zeha@debian.org>:
You have taken responsibility. (Fri, 09 Nov 2018 20:45:08 GMT) (full text, mbox, link).

Notification sent to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer. (Fri, 09 Nov 2018 20:45:08 GMT) (full text, mbox, link).

Message #14 received at 913162-close@bugs.debian.org (full text, mbox, reply):

From: Chris Hofstaedtler <zeha@debian.org>
To: 913162-close@bugs.debian.org
Subject: Bug#913162: fixed in pdns-recursor 4.1.7-1
Date: Fri, 09 Nov 2018 20:41:49 +0000
Source: pdns-recursor
Source-Version: 4.1.7-1

We believe that the bug you reported is fixed in the latest version of
pdns-recursor, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 913162@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Hofstaedtler <zeha@debian.org> (supplier of updated pdns-recursor package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 09 Nov 2018 19:44:44 +0000
Source: pdns-recursor
Binary: pdns-recursor
Architecture: source
Version: 4.1.7-1
Distribution: unstable
Urgency: medium
Maintainer: pdns-recursor packagers <pdns-recursor@packages.debian.org>
Changed-By: Chris Hofstaedtler <zeha@debian.org>
Description:
 pdns-recursor - PowerDNS Recursor
Closes: 913162
Changes:
 pdns-recursor (4.1.7-1) unstable; urgency=medium
 .
   * New upstream version 4.1.7, including fixes for:
     CVE-2018-10851 CVE-2018-14626 CVE-2018-14644
     (Closes: #913162).
   * Remove upstream applied patch.
Checksums-Sha1:
 5ead1d2832317f120ea384cf8a772cc1faa8e5ba 2361 pdns-recursor_4.1.7-1.dsc
 b4173dffbb3d9f27dd7a1fd3b1d79ef62ccdc502 1237866 pdns-recursor_4.1.7.orig.tar.bz2
 aeb0c856e4c47b753982473f70c61bfefd89846e 21072 pdns-recursor_4.1.7-1.debian.tar.xz
 0a06ae0a64c3f8ecec59f72967c70e2a6f508d59 7478 pdns-recursor_4.1.7-1_source.buildinfo
Checksums-Sha256:
 6d7f57fb027699eeb715fd0832cad20562cf0e686b9913ed9f740cce83ea2827 2361 pdns-recursor_4.1.7-1.dsc
 9a045cfd1d3b195f3166170c2cb120bea08926c6474ebc67e8020edf1deddb6b 1237866 pdns-recursor_4.1.7.orig.tar.bz2
 ee138e8f5dc738e77534465b181ff7766e2e364c7e049c8b799b10f82e186e3e 21072 pdns-recursor_4.1.7-1.debian.tar.xz
 ae64ce0495046428ca14248fd3f64e00a2cb6fd765fe136113622c62bd980795 7478 pdns-recursor_4.1.7-1_source.buildinfo
Files:
 b137f1614e68c46227965bf49e116567 2361 net optional pdns-recursor_4.1.7-1.dsc
 e09f6b82f0cecd292efaf6e8dc835a45 1237866 net optional pdns-recursor_4.1.7.orig.tar.bz2
 178eef8ac24be847be91745d92a89d6c 21072 net optional pdns-recursor_4.1.7-1.debian.tar.xz
 ac6630ed208846e943211042aba372e1 7478 net optional pdns-recursor_4.1.7-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAlvl5h4ACgkQXBPW25MF
LgN12RAAmpl/1wNv9PiqlQT8p/4P4tn4UhBDdiXSggne7JMGVv3+kH6YCJxaxTM4
lTcRR8KbgYyMP0tmj3+F7qElL2ZdYNH+H1x/p+X/9MS93gBlx7T+5y0K5HxCeq6g
HB1xrKQEEQ2ZLVB8TodsV0kGExQ7x6RsW+f/KgZETf/2MyHj6kNE/mZW8vM/IoU3
kpE6sABQK0mmfmviMw06GAgvEsPAe0kY/kQWXrmNtLBjukiasZYNT0N9NCsWKhVL
HjjkIrj5sjzFl6+56ENWtGkmpan6LBvUwCnpmBBqHebpsWw7AUYOZ/opKfqn5+Qy
XEjg7I8+20O6Uo2msRsyLMkAKerED4+3zcCOYbRnoKuZh4JW7bIMKjdDmgZ9AmDD
+6qnJtMYxAX0w30BrnYmpXVKsGK/rFbXdKBVtbFOryCPFaoRm4mGO7uY5qq4ooo7
7y6mkOQQM3auXp9qNf2x4z0iLYe9AvL+C1QIptrFhzIWH7sWQeM03eanqyNJYoEh
ui6vQInXdsww+zXOA37EfbyAigdidlK+Ak3kGMKp1hoe7Qk9paayIviJnZg6VBW9
PToec+fOz9dGUrPm/bVdvhNqQJg1uHLbAAS9GuAexf/cWtyssyy0v2MzaGKGHLCX
+LBe4HoZwvejtlrWYPDMkKRKpYAqE6oQrFirFVaS0GbhZonSmTc=
=COvn
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 17 Dec 2018 07:38:18 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:07:06 2019; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started