[Git][security-tracker-team/security-tracker][master] Add initial tracking for pdns-recursor issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1e5cf798 by Salvatore Bonaccorso at 2026-04-23T06:54:37+02:00
Add initial tracking for pdns-recursor issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -319,19 +319,33 @@ CVE-2026-33609 (Incomplete escaping of LDAP queries when running with 8bit-dns e
 CVE-2026-33608 (An attacker can send a notify request that causes a new secondary doma ...)
 	TODO: check
 CVE-2026-33601 (If you use the zoneToCache function with a malicious authoritative ser ...)
-	TODO: check
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 CVE-2026-33600 (An RPZ sent by a malicious authoritative server can result in a null p ...)
-	TODO: check
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 CVE-2026-33262 (An attacker can send replies that result in a null pointer dereference ...)
-	TODO: check
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 CVE-2026-33261 (A zone transition from NSEC to NSEC3 might trigger an internal inconsi ...)
-	TODO: check
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 CVE-2026-33259 (Having many concurrent transfers of the same RPZ can lead to inconsist ...)
-	TODO: check
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 CVE-2026-33258 (By publishing and querying a crafted zone an attacker can cause alloca ...)
-	TODO: check
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 CVE-2026-33256 (An attacker can send a web request that causes unlimited memory alloca ...)
-	TODO: check
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 CVE-2026-32885 (DDEV is an open-source tool for running local web development environm ...)
 	TODO: check
 CVE-2026-31530 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
@@ -852,11 +866,17 @@ CVE-2026-33257 (An attacker can send a web request that causes unlimited memory
 	- dnsdist 2.0.4-1
 	[bookworm] - dnsdist <end-of-life> (See #1119290)
 	[bullseye] - dnsdist <end-of-life> (see #1119290)
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 	NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33257-insufficient-input-validation-of-internal-webserver
 CVE-2026-33260 (An attacker can send a web request that causes unlimited memory alloca ...)
 	- dnsdist 2.0.4-1
 	[bookworm] - dnsdist <end-of-life> (See #1119290)
 	[bullseye] - dnsdist <end-of-life> (see #1119290)
+	- pdns-recursor 5.4.1-1
+	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
+	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
 	NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33260-insufficient-input-validation-of-internal-webserver
 CVE-2026-33593 (A client can trigger a divide by zero error leading to crash by sendin ...)
 	- dnsdist 2.0.4-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e5cf7989b02514ea841a825f7eaabf438e87bef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e5cf7989b02514ea841a825f7eaabf438e87bef
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260423/6f7d4c4a/attachment-0001.htm>