OPENSUSE-SU-2019:1904-1

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2019-10162 CVE-2019-10163 CVE-2019-10203

Published: 15 Aug 2019, 09:41

Last modified:04 Feb 2026, 02:57

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 Aug 2019, 09:41

Published

Vulnerability first disclosed

04 Feb 2026, 02:57

Last Modified

Vulnerability information updated

Description

Security update for pdns This update for pdns fixes the following issues: Security issues fixed: - CVE-2019-10203: Updated PostgreSQL schema to address a possible denial of service by an authorized user by inserting a crafted record in a MASTER type zone under their control. (boo#1142810) - CVE-2019-10162: Fixed a denial of service but when authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. (boo#1138582) - CVE-2019-10163: Fixed a denial of service of slave server when an authorized master server sends large number of NOTIFY messages. (boo#1138582) Non-security issues fixed: - Enabled the option to disable superslave support. - Fixed `pdnsutil b2b-migrate` to not lose NSEC3 settings.

Affected Systems

opensuse•pdns&distro=openSUSE Leap 15.0
< 4.1.2-bp150.2.9.1
opensuse•pdns&distro=openSUSE Leap 15.1
< 4.1.2-bp150.2.9.1
suse•pdns&distro=SUSE Package Hub 12 SP1
< 4.1.2-bp150.2.9.1
suse•pdns&distro=SUSE Package Hub 15
< 4.1.2-bp150.2.9.1

OPENSUSE-SU-2019:1904-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (6)