[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for pdns issue

Fri May 1 19:52:50 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11513a6b by Salvatore Bonaccorso at 2026-05-01T20:52:25+02:00
Add Debian bug reference for pdns issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5022,25 +5022,25 @@ CVE-2026-34413 (Xerte Online Toolkits versions 3.15 and earlier contain a missin
 	NOT-FOR-US: Xerte Online Toolkits
 CVE-2026-33611 (An operator allowed to use the REST API can cause the Authoritative se ...)
 	{DSA-6233-1}
-	- pdns <unfixed>
+	- pdns <unfixed> (bug #1135373)
 	[bookworm] - pdns <end-of-life> (See #1119290)
 	[bullseye] - pdns <end-of-life> (see DLA 4471)
 	NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#insufficient-validation-of-https-and-svcb-records
 CVE-2026-33610 (A rogue primary server may cause file descriptor exhaustion and eventu ...)
 	{DSA-6233-1}
-	- pdns <unfixed>
+	- pdns <unfixed> (bug #1135373)
 	[bookworm] - pdns <end-of-life> (See #1119290)
 	[bullseye] - pdns <end-of-life> (see DLA 4471)
 	NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#possible-file-descriptor-exhaustion-in-forward-dnsupdate
 CVE-2026-33609 (Incomplete escaping of LDAP queries when running with 8bit-dns enabled ...)
 	{DSA-6233-1}
-	- pdns <unfixed>
+	- pdns <unfixed> (bug #1135373)
 	[bookworm] - pdns <end-of-life> (See #1119290)
 	[bullseye] - pdns <end-of-life> (see DLA 4471)
 	NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#ldap-dn-injection
 CVE-2026-33608 (An attacker can send a notify request that causes a new secondary doma ...)
 	{DSA-6233-1}
-	- pdns <unfixed>
+	- pdns <unfixed> (bug #1135373)
 	[bookworm] - pdns <end-of-life> (See #1119290)
 	[bullseye] - pdns <end-of-life> (see DLA 4471)
 	NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html#incomplete-domain-name-sanitization-during-bind-autosecondary-zone-transfer
@@ -5689,7 +5689,7 @@ CVE-2026-33257 (An attacker can send a web request that causes unlimited memory
 	- pdns-recursor 5.3.0-1
 	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
 	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
-	- pdns <unfixed>
+	- pdns <unfixed> (bug #1135373)
 	[bookworm] - pdns <end-of-life> (See #1119290)
 	[bullseye] - pdns <end-of-life> (see DLA 4471)
 	NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33257-insufficient-input-validation-of-internal-webserver
@@ -5705,7 +5705,7 @@ CVE-2026-33260 (An attacker can send a web request that causes unlimited memory
 	- pdns-recursor 5.3.0-1
 	[bookworm] - pdns-recursor <end-of-life> (see DSA 6045)
 	[bullseye] - pdns-recursor <end-of-life> (see DSA 6045)
-	- pdns <unfixed>
+	- pdns <unfixed> (bug #1135373)
 	[bookworm] - pdns <end-of-life> (See #1119290)
 	[bullseye] - pdns <end-of-life> (see DLA 4471)
 	NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33260-insufficient-input-validation-of-internal-webserver



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11513a6b9233fc726dbcb72978206df8af78b615

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11513a6b9233fc726dbcb72978206df8af78b615
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260501/26d5cfc5/attachment.htm>
