Debian Patches
Status for dnsdist/1.9.10-1+deb13u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| upstream/CVE-2025-8671-CVE-2025-30187-1.9.10.patch | PowerDNS Security Advisory 2025-05 for DNSdist: Denial of service via crafted DoH exchange While working on adding mitigations against the MadeYouReset (CVE-2025-8671) attack, we noticed a potential denial of service in our DNS over HTTPS implementation when using the nghttp2 provider: an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources. We assigned CVE-2025-30187 to this issue. diff -ruw dnsdist-1.9.10.orig/dnsdist-doh-common.hh dnsdist-1.9.10/dnsdist-doh-common.hh |
Remi Gacogne <remi.gacogne@powerdns.com> | no | debian | 2025-09-11 |
All known versions for source package 'dnsdist'
- 2.0.1-1 (sid, forky)
- 1.9.10-1+deb13u1 (trixie)
- 1.7.3-2 (bookworm)