{"affected":[{"ecosystem_specific":{"binaries":[{"pdns-recursor":"4.6.3-bp154.2.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP4","name":"pdns-recursor","purl":"pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.3-bp154.2.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"pdns-recursor":"4.6.3-bp154.2.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.4","name":"pdns-recursor","purl":"pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Leap%2015.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.3-bp154.2.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for pdns-recursor fixes the following issues:\n\npdns-recursor was updated to 4.6.3:\n\n* fixes incomplete exception handling related to protobuf message generation (boo#1202664, CVE-2022-37428)\n\npdns-recursor was updated to 4.6.2:\n\n* Reject non-apex NSEC(3)s that have both the NS and SOA bits set\n* A CNAME answer on DS query should abort DS retrieval\n* Allow disabling of processing the root hints\n* If we get NODATA on an AAAA in followCNAMERecords, try native dns64\n","id":"openSUSE-SU-2022:10171-1","modified":"2022-10-30T15:07:10Z","published":"2022-10-30T15:07:10Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QTTGUFMAXOAIF5ITDWH77TARHQP4EO3F/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1202664"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-37428"}],"related":["CVE-2022-37428"],"summary":"Security update for pdns-recursor","upstream":["CVE-2022-37428"]}