PowerDNS Authoritative Server 4.0.1 released

We’re happy to announce the release of the PowerDNS Authoritative Server 4.0.1. The first bugfix release for the 4.0 series.

This release fixes several small issues and adds a setting to limit AXFR and IXFR sizes, in response to CVE-2016-6172.

Bug fixes

  • #4126 Wait for the connection to the carbon server to be established
  • #4206 Don’t try to deallocate empty PG statements
  • #4245 Send the correct response when queried for an NSEC directly (Kees Monshouwer)
  • #4252 Don’t include bind files if length <= 2 or > sizeof(filename)
  • #4255 Catch runtime_error when parsing a broken MNAME


  • #4044 Make DNSPacket return a ComboAddredd for local and remote (Aki Tuomi)
  • #4056 OpenSSL 1.1.0 support (Christian Hofstaedtler)
  • #4169 Fix typos in a logmessage and exception (Christian Hofsteadtler)
  • #4183 pdnsutil: Remove checking of ctime and always diff the changes (Hannu Ylitalo)
  • #4192 dnsreplay: Only add Client Subnet stamp when asked
  • #4250 Use toLogString() for ringAccount (Kees Monshouwer)


  • #4133 Add limits to the size of received {A,I}XFR
  • #4142 Add used filedescriptor statistic (Kees Monshouwer)

The sources are on the downloads site(sig). Packages for several distributions are available from our repositories.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s