PowerDNS Authoritative 4.3.1, 4.2.3 and 4.1.14

Sep 22, 2020

Today we have released PowerDNS Authoritative Server versions 4.3.1, 4.2.3 and 4.1.14, containing a fix for PowerDNS Security Advisory 2020-05.

Additionally, we are publishing PowerDNS Security Advisory 2020-06 today (‘Various issues have been found in our GSS-TSIG support, where an unauthorized attacker could cause crashes, possibly leak uninitialised memory, and possibly execute arbitrary code.’). Our GSS-TSIG support was never shipped in any packages by us or, to our knowledge, any other distributions. The GSS-TSIG code will be gone in version 4.4.0. We’ve chosen to leave the code intact for older versions, so that users that do rely on it today can keep doing so, keeping in mind the risks detailed in Advisory 2020-06.

Regarding 2020-05: an issue has been found in PowerDNS Authoritative Server where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting data via a control panel, or somebody with access to the REST API. Crafted records cannot be inserted via AXFR. This issue is resolved in the versions mentioned above. (4.1.14 changelog, 4.2.3 changelog)

Version 4.3.1 also contains various other bug fixes and improvements, please see the changelog for all details.

The 4.3.1 tarball (signature), 4.2.3 tarball (signature) and 4.1.14 tarball (signature) are available at downloads.powerdns.com and packages for various Linux distributions are available from our repository.

4.0 and older releases are EOL, refer to the documentation for details about our release cycles.

Please send us all feedback and issues you might have via the mailing list or our IRC channel, or in case of a bug, via GitHub.

About the author

Peter van Dijk

Peter van Dijk

Senior Developer at PowerDNS

Related Articles

PowerDNS Recursor 5.1.0 Released

We are proud to announce the release of PowerDNS Recursor 5.1.0!

Otto Moerbeek Jul 10, 2024

PowerDNS Recursor 4.9.7 and 5.0.7 Released

Today we have released PowerDNS Recursor 4.9.7 and 5.0.7. These releases are maintenance releases that fix a few bugs. The...

Otto Moerbeek Jul 3, 2024

PowerDNS Recursor 5.1.0-rc1 Released

We are proud to announce the first release candidate of PowerDNS Recursor 5.1.0!

Otto Moerbeek Jun 25, 2024

PowerDNS Recursor 5.1.0-beta1 Released

We are proud to announce the first beta release of PowerDNS Recursor 5.1.0!

Otto Moerbeek Jun 6, 2024