Bug#1063852: marked as done (pdns-recursor: crafted DNSSEC records in a zone can lead to a denial of service in Recursor (CVE-2023-50387 CVE-2023-50868))

[Debian Bug Tracking System]

Your message dated Wed, 14 Feb 2024 17:06:11 +0000
with message-id <e1raii3-005dqn...@fasolo.debian.org>
and subject line Bug#1063852: fixed in pdns-recursor 4.9.3-1
has caused the Debian Bug report #1063852,
regarding pdns-recursor: crafted DNSSEC records in a zone can lead to a denial 
of service in Recursor (CVE-2023-50387 CVE-2023-50868)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1063852: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: pdns-recursor
Version: 4.9.2-2
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>

Hi,

The following vulnerabilities were published for pdns-recursor.

CVE-2023-50387[0] and CVE-2023-50868[1].

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-50387
    https://www.cve.org/CVERecord?id=CVE-2023-50387
[1] https://security-tracker.debian.org/tracker/CVE-2023-50868
    https://www.cve.org/CVERecord?id=CVE-2023-50868
[2] 
https://blog.powerdns.com/2024/02/13/powerdns-recursor-4-8-6-4-9-3-5-0-2-released

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---

--- Begin Message ---

Source: pdns-recursor
Source-Version: 4.9.3-1
Done: Chris Hofstaedtler <z...@debian.org>

We believe that the bug you reported is fixed in the latest version of
pdns-recursor, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1063...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Hofstaedtler <z...@debian.org> (supplier of updated pdns-recursor package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 14 Feb 2024 17:18:22 +0100
Source: pdns-recursor
Architecture: source
Version: 4.9.3-1
Distribution: unstable
Urgency: medium
Maintainer: pdns-recursor packagers <pdns-recur...@packages.debian.org>
Changed-By: Chris Hofstaedtler <z...@debian.org>
Closes: 1063852
Changes:
 pdns-recursor (4.9.3-1) unstable; urgency=medium
 .
   * New upstream version 4.9.3, including fixes for
     CVE-2023-50387 and CVE-2023-50868. (Closes: #1063852)
Checksums-Sha1:
 1bda797deed31e9e9cd0ef3fa1b5b2e92b3c7e09 2871 pdns-recursor_4.9.3-1.dsc
 086fdad1fd0733240fa1460a3fc4adf2ac521bd9 1581876 
pdns-recursor_4.9.3.orig.tar.bz2
 f0cece47c1ff6ec7edd2b7293bf2b6f68f172b8c 488 
pdns-recursor_4.9.3.orig.tar.bz2.asc
 96b32706f220e12ecfe7110a0489277faa99c0b0 23644 
pdns-recursor_4.9.3-1.debian.tar.xz
 c3dfdd91efa821677c9b911e8d17f1ddba2ffcc8 9707 
pdns-recursor_4.9.3-1_arm64.buildinfo
Checksums-Sha256:
 5b7c13214737d7fff1cd36cddf81ff71d94d2b0e19a639c7dd72c86993f6a6be 2871 
pdns-recursor_4.9.3-1.dsc
 166045305149decde95821f76f069b665f6b2122dff7d46ab952d50d9f01ed4b 1581876 
pdns-recursor_4.9.3.orig.tar.bz2
 05bc8876f9258ed21657ca870baa8213e69bf765d35590a1299870c52fbc407d 488 
pdns-recursor_4.9.3.orig.tar.bz2.asc
 eb961a82929ffcde88c497930e5fe428e6aa709c7aefa931401d3c78a5a6a6b0 23644 
pdns-recursor_4.9.3-1.debian.tar.xz
 db9b738b5fa5f07e8c796dd25de21830f9682b7a12a29a18bb16ff87e4a7770e 9707 
pdns-recursor_4.9.3-1_arm64.buildinfo
Files:
 a09f98e18d914c8ce135717cdf6a561f 2871 net optional pdns-recursor_4.9.3-1.dsc
 faced7a432b9ffd78d7117b6de0b4137 1581876 net optional 
pdns-recursor_4.9.3.orig.tar.bz2
 966b6fb2ece0b2f9b3dc5828b3dff0d6 488 net optional 
pdns-recursor_4.9.3.orig.tar.bz2.asc
 8e76bf596b4a5eb652f85e5d62176ca0 23644 net optional 
pdns-recursor_4.9.3-1.debian.tar.xz
 8dff60083170bcaecfad314c3de8cc2c 9707 net optional 
pdns-recursor_4.9.3-1_arm64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfRrP+tnggGycTNOSXBPW25MFLgMFAmXM7nUACgkQXBPW25MF
LgPwUQ//YW/7jFAbtXVpNEJ1e02jduaBXV5zxAwN+RIEEqIMsr2qOKUd43F6TrSp
Hs7l3gZZJ7Ad0MHLKMrLynHZlpBGUJglc0BCa16rgWnaPGCjj3pK83EbfldmlIEX
dtELFkwLcSnVDN1AtDJi/XoSOXH1kRweiPKc30XMjGk4LXcef4lJO1PfGT+sRCp2
Cf25r6JYyX4caLcACyNEOU0Q6BWMC83ija9vbhqb4DUVZw9XPklFg64wBVgeB3oQ
btDNqC84gVBMht5ZuLzRHfmDhoJ8Pa6JkXVlWmE/lFoWjW6PTumAgMz6Z07Zbaup
OeRGtVwxaVGROmr4YMTJl6piIhRKBvOLZPU/q75x1BwTxtpABM96tmUWhwqP9BwV
0rBEtuC0hIVDj/miFJWu7FcoMHjT56J0IPLwUD2psNmCq9PqfXkicYXLwcJk8j+K
zd3KiXykgrOEVeDDTMVu6L3Vj+4EQ/xIsXM9kcHPUC0E4cB2bOiQdnuGQ5Cbufcp
4WPkt33tUiMnDm+qzHIGHvHw8vW7EQd9kV70lEFEjGC5kj5xhHxOfUGRXT5Njvbg
+Imp3o0QX+DU1jm/J2SIbdkOXjnOYxsTWAgxDoBRtsA+gfiYkI4ypIE4r/C3HWAe
m22LIEPSpGV7IBhguwcaIdnNl12z/d5deOrCjNRudbA6GZgpSZk=
=41nW
-----END PGP SIGNATURE-----

pgpr3Kkochb7P.pgp
Description: PGP signature

--- End Message ---