{"id":"MGASA-2020-0393","summary":"Updated pdns-recursor package fixes a security vulnerability","details":"An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5,\nand 4.3.x before 4.3.5. A remote attacker can cause the cached records for a\ngiven name to be updated to the Bogus DNSSEC validation state, instead of\ntheir actual DNSSEC Secure state, via a DNS ANY query. This results in a\ndenial of service for installation that always validate (dnssec=validate),\nand for clients requesting validation when on-demand validation is enabled\n(dnssec=process). (CVE-2020-25829)\n","modified":"2026-04-16T04:44:26.130669742Z","published":"2020-10-24T17:51:47Z","upstream":["CVE-2020-25829"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0393.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27400"},{"type":"ADVISORY","url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html"},{"type":"WEB","url":"https://doc.powerdns.com/recursor/changelog/4.1.html#change-4.1.18"}],"affected":[{"package":{"name":"pdns-recursor","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/pdns-recursor?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.18-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0393.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}