Update Info


Security update for pdns-recursor

Type: security
Severity: important
Issued: 2023-05-02
This update for pdns-recursor fixes the following issues:

pdns-recursor was updated to 4.6.6:

* fixes deterred spoofing attempts can lead to authoritative
  servers being marked unavailable (boo#1209897, CVE-2023-26437)

Fixes in 4.6.5:

* When an expired NSEC3 entry is seen, move it to the front
  of the expiry queue
* Log invalid RPZ content when obtained via IXFR
* Detect invalid bytes in makeBytesFromHex()
* Timeout handling for IXFRs as a client

Fixes in 4.6.4:

* Check qperq limit if throttling happened, as it increases counters
* Failure to retrieve DNSKEYs of an Insecure zone should not be fatal
* Resize answer length to actual received length in udpQueryResponse



  • pdns-recursor-4.6.6-bp154.2.6.1