[Git][security-tracker-team/security-tracker][master] new dnsdist issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jun 25 15:59:18 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a0a1c8c1 by Moritz Muehlenhoff at 2026-06-25T16:56:18+02:00
new dnsdist issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2026-40211
+ - dnsdist <unfixed>
+ [bookworm] - dnsdist <end-of-life> (See #1119290)
+ [bullseye] - dnsdist <end-of-life> (see #1119290)
+ NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40211-denial-of-service-via-crafted-doh3-queries
+CVE-2026-40210
+ - dnsdist <unfixed>
+ [bookworm] - dnsdist <end-of-life> (See #1119290)
+ [bullseye] - dnsdist <end-of-life> (see #1119290)
+ NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40210-out-of-bounds-read-in-setmacaddraction
+CVE-2026-40209
+ - dnsdist <unfixed>
+ [bookworm] - dnsdist <end-of-life> (See #1119290)
+ [bullseye] - dnsdist <end-of-life> (see #1119290)
+ NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40209-denial-of-service-via-ixfr-queries
+CVE-2026-40208
+ - dnsdist <unfixed>
+ [bookworm] - dnsdist <end-of-life> (See #1119290)
+ [bullseye] - dnsdist <end-of-life> (see #1119290)
+ NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40208-denial-of-service-via-doh3-queries
+CVE-2026-42004
+ - dnsdist <unfixed>
+ [bookworm] - dnsdist <end-of-life> (See #1119290)
+ [bullseye] - dnsdist <end-of-life> (see #1119290)
+ NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-42004-edns-options-smuggling
+CVE-2026-40011
+ - dnsdist <unfixed>
+ [bookworm] - dnsdist <end-of-life> (See #1119290)
+ [bullseye] - dnsdist <end-of-life> (see #1119290)
+ NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-40011-prometheus-denial-of-service-via-crafted-dns-queries
CVE-2026-52690
- pdns-recursor <unfixed>
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
@@ -31,10 +61,14 @@ CVE-2026-42005
- pdns <unfixed>
[bookworm] - pdns <end-of-life> (See #1119290)
[bullseye] - pdns <end-of-life> (see DLA 4471)
+ - dnsdist <unfixed>
+ [bookworm] - dnsdist <end-of-life> (See #1119290)
+ [bullseye] - dnsdist <end-of-life> (see #1119290)
NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-08.html#cve-2026-42005-unbounded-resource-consumption-in-internal-webserver
- NOTE: Only affects 5.2.x, marking first 5.3 upload as fixed version
+ NOTE: Only affects pdns-rec 5.2.x, marking first 5.3 upload as fixed version
NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-07.html
NOTE: https://github.com/PowerDNS/pdns/commit/11e4f2da8259e5070e7a193f48d23ade38b71dc0
+ NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-09.html#cve-2026-42005-insufficient-input-validation-of-internal-web-server
CVE-2026-40012
- pdns-recursor <unfixed>
[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
=====================================
data/dsa-needed.txt
=====================================
@@ -21,6 +21,8 @@ containerd
--
cups
--
+dnsdist (jmm)
+--
dulwich
--
erlang
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0a1c8c1ebda8e91dc5552166af0845563851d8c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0a1c8c1ebda8e91dc5552166af0845563851d8c
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260625/a12cb40a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list