Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-15094

An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).

Related bugs and status

CVE-2017-15094 (Candidate) is related to these bugs:

Bug #1652393: please sync newer packages back to 16.04 LTS

Summary				In	Importance	Status
	1652393	please sync newer packages back to 16.04 LTS		pdns-recursor (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://doc.powerdns.c...
BID: 101982