Groups | Search | Server Info | Login | Register

Groups > linux.debian.announce.security > #4801

[SECURITY] [DSA 6235-1] dnsdist security update

From Moritz Muehlenhoff <jmm@debian.org>
Newsgroups linux.debian.announce.security
Subject [SECURITY] [DSA 6235-1] dnsdist security update
Date 2026-04-28 21:20 +0200
Message-ID <MOW8p-16BI-13@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6235-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 28, 2026                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : dnsdist
CVE ID         : CVE-2026-0396  CVE-2026-0397  CVE-2026-24028
                 CVE-2026-24029 CVE-2026-24030 CVE-2026-27853
		 CVE-2026-27854 CVE-2026-33254 CVE-2026-33257
		 CVE-2026-33260 CVE-2026-33593 CVE-2026-33594 
                 CVE-2026-33595 CVE-2026-33596 CVE-2026-33597
		 CVE-2026-33598 CVE-2026-33599 CVE-2026-33602

Multiple security vulnerabilities were discovered in the dnsdist
DNS loadbalancer, which could result in denial of service, information
disclosure or ACL bypass.

For the stable distribution (trixie), these problems have been fixed in
version 1.9.14-0+deb13u1.

We recommend that you upgrade your dnsdist packages.

For the detailed security status of dnsdist please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dnsdist

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmnxAa0ACgkQEMKTtsN8
TjaYzg//SM81gP4NJyYdmXp5toZtaiAZe6QLpkXP72yPg/BnmGnd6JgdCUOrdq1O
GqI+8ohX4sOO/MmOtruDSP6ai6mb5nLkIlZ1CwTFbx31m3nW3gy73A4bHriftQv9
HmFvpB/ItfFJ+cyTMTjAo+BCDeFRWMM55e/qxKr2gfV39jYIJckBV012QcKMfv9I
PGZA5jjcRnVHcK9TemMjPDgtJ5uGDU30oj3Y/7lj4jNv1tZzZDKzCZBS3fThmFbd
0RWJXHjYGjukb74WVOWnRF24MRAKuyG8WfhMgxwvGj278ZuQoYLlKHFVr/7OxpU1
Lh54+v8QH4gULFh+L9/rNyq+qHQM2iR9gUYMCi9xK5dL8vVPFjvOXH9DBEddJy1M
Ru/Si4zKws2IcxrjN2I3pulUTxMtqOEe/iRIiEcsG/iVi40ijKASJiIJGPlInPzK
O53KXXU46d3QLX1iIygZbz7U9UIlLzHG4kil3FkrOe4WdOffkF725Hea6S7MVvnf
mYyAK104ImA4S/XHoF0FgpXUliw1Nq+I4BWjvpV2edqhhKi6Y+dYXy7WAG4ou+Q2
3qqtAUuaHOi5ZVUYpGXyHryLhgjkyj10VDvjMpLp14elu1PzxIsnxbZMlloE52Da
Bi0NO4S3+icpuHPBANfO8aE/KmN/5wmTHqi2D1pS3u2Y9fmezNA=
=X/YM
-----END PGP SIGNATURE-----

Back to linux.debian.announce.security | Previous | Next | Find similar

Thread

[SECURITY] [DSA 6235-1] dnsdist security update Moritz Muehlenhoff <jmm@debian.org> - 2026-04-28 21:20 +0200

csiph-web