{"id":"MGASA-2019-0051","summary":"Updated pdns-recursor package fixes security vulnerabilities","details":"An issue has been found in PowerDNS Recursor where Lua hooks are not\nproperly applied to queries received over TCP in some specific\ncombination of settings, possibly bypassing security policies enforced\nusing Lua (CVE-2019-3806).\n\nAn issue has been found in PowerDNS Recursor where records in the answer\nsection of responses received from authoritative servers with the AA\nflag not set were not properly validated, allowing an attacker to bypass\nDNSSEC validation (CVE-2019-3807).\n","modified":"2026-04-16T00:10:14.028399497Z","published":"2019-01-23T15:50:09Z","upstream":["CVE-2019-3806","CVE-2019-3807"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0051.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=24218"},{"type":"ADVISORY","url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html"},{"type":"ADVISORY","url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html"}],"affected":[{"package":{"name":"pdns-recursor","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/pdns-recursor?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.9-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0051.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}