Updated pdns-recursor package fixes security vulnerability
Publication date: 24 May 2018Modification date: 24 May 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1000003
Description
An issue has been found in the DNSSEC validation component of PowerDNS Recursor, allowing an ancestor delegation NSEC or NSEC3 record to be used to wrongfully prove the non-existence of a RR below the owner name of that record. This would allow an attacker in position of man-in-the-middle to send a NXDOMAIN answer for a name that does exist (CVE-2018-1000003).
References
- https://bugs.mageia.org/show_bug.cgi?id=22935
- https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-01.html
- https://blog.powerdns.com/2018/03/29/powerdns-recursor-4-1-2-released/
- https://lists.opensuse.org/opensuse-updates/2018-04/msg00033.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000003
SRPMS
6/core
- pdns-recursor-4.1.2-3.mga6