Software Update: PowerDNS Authoritative Server 4.1.5 / 4.0.6

PowerDNS is a dns server with a database as backend, which makes it easy to manage a large number of dns entries. The developers previously decided to release the two parts that make up PowerDNS, a recursor and an authoritative name server, so that they can release a new version more quickly and in a more targeted way, the developers said. The authoritative name server will only respond to a dns lookup if it pertains to the domains for which it is responsible. The developers have released PowerDNS Authoritative Server 4.1.5 and 4.0.6. The changes of these expenses are as follows:

Authoritative Server 4.1.5

This release fixes the following security advisories:

• PowerDNS Security Advisory 2018-03 (CVE-2018-10851)
• PowerDNS Security Advisory 2018-05 (CVE-2018-14626)

Improvements

• Apply alias scopemask after chasing (#6976)
• Release memory in case of error in the openssle ecdsa constructor (#6917)
• Switch to devtoolset 7 for el6 (#7118, #7040)

Bug Fixes

• Crafted zone record can cause a denial of service (CVE-2018-10851, #7149)
• Packet cache pollution via crafted query (CVE-2018-14626, #7149)
• Fix compilation with libressl 2.7.0+ (#6948, #6943)
• Actually truncate truncated responses (#6913)

Authoritative Server 4.0.6

This release fixes PowerDNS Security Advisory 2018-03 (CVE-2018-10851).

Bug fixes

• Crafted zone record can cause a denial of service (CVE-2018-10851, #7150)
• Skip v6-dependent test when pdns_test_no_ipv6 is set in environment (#6013)
• Fix el6 builds (#7135)

Improvements

• Prevent cname + other data with dnsupdate (#6315)
• Switch to devtoolset 7 for el6 (#7119)