Debian Package Tracker
Register | Log in
Subscribe

dnsdist

DNS loadbalancer

Choose email to subscribe with

general
  • source: dnsdist (main)
  • version: 1.9.10-1
  • maintainer: dnsdist packagers (DMD)
  • uploaders: Chris Hofstaedtler [DMD]
  • arch: any
  • std-ver: 4.5.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.3.3-3
  • oldstable: 1.5.1-3
  • stable: 1.7.3-2
  • testing: 1.9.10-1
  • unstable: 1.9.10-1
versioned links
  • 1.3.3-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.5.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.7.3-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.9.10-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • dnsdist (1 bugs: 0, 0, 1, 0)
action needed
2 security issues in bullseye high

There are 2 open security issues in bullseye.

1 important issue:
  • CVE-2025-30193: In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.
1 issue postponed or untriaged:
  • CVE-2023-44487: (needs triaging) The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Created: 2025-05-21 Last update: 2025-05-26 22:00
2 security issues in bookworm high

There are 2 open security issues in bookworm.

1 important issue:
  • CVE-2025-30193: In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.
1 issue left for the package maintainer to handle:
  • CVE-2023-44487: (needs triaging) The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-11-13 Last update: 2025-05-26 22:00
lintian reports 1 warning normal
Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.
Created: 2025-05-22 Last update: 2025-05-22 11:30
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2017-10-26 Last update: 2024-05-26 02:37
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.5.1).
Created: 2021-08-18 Last update: 2025-05-22 06:32
testing migrations
  • This package will soon be part of the auto-libsodium transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
news
[rss feed]
  • [2025-05-27] dnsdist 1.9.10-1 MIGRATED to testing (Debian testing watch)
  • [2025-05-21] Accepted dnsdist 1.9.10-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2025-05-09] dnsdist 1.9.9-1 MIGRATED to testing (Debian testing watch)
  • [2025-04-29] Accepted dnsdist 1.9.9-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2024-12-23] dnsdist 1.9.8-1 MIGRATED to testing (Debian testing watch)
  • [2024-12-17] Accepted dnsdist 1.9.8-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2024-08-02] dnsdist 1.9.6-1 MIGRATED to testing (Debian testing watch)
  • [2024-07-27] Accepted dnsdist 1.9.6-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2024-07-01] dnsdist 1.9.5-1 MIGRATED to testing (Debian testing watch)
  • [2024-06-24] Accepted dnsdist 1.9.5-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2024-05-31] dnsdist 1.9.4-1 MIGRATED to testing (Debian testing watch)
  • [2024-05-25] Accepted dnsdist 1.9.4-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2024-05-03] dnsdist 1.9.3-1 MIGRATED to testing (Debian testing watch)
  • [2024-04-05] Accepted dnsdist 1.9.3-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2024-04-02] Accepted dnsdist 1.8.3-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2024-01-17] dnsdist 1.8.3-2 MIGRATED to testing (Debian testing watch)
  • [2024-01-12] Accepted dnsdist 1.8.3-2 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2023-12-21] dnsdist 1.8.3-1 MIGRATED to testing (Debian testing watch)
  • [2023-12-15] Accepted dnsdist 1.8.3-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2023-11-24] dnsdist 1.8.2-3 MIGRATED to testing (Debian testing watch)
  • [2023-11-16] Accepted dnsdist 1.8.2-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2023-11-16] dnsdist 1.8.2-2 MIGRATED to testing (Debian testing watch)
  • [2023-11-10] Accepted dnsdist 1.8.2-2 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2023-10-27] dnsdist 1.8.2-1 MIGRATED to testing (Debian testing watch)
  • [2023-10-21] Accepted dnsdist 1.8.2-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2023-09-14] dnsdist 1.8.1-1 MIGRATED to testing (Debian testing watch)
  • [2023-09-09] Accepted dnsdist 1.8.1-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2023-06-21] dnsdist 1.8.0-1 MIGRATED to testing (Debian testing watch)
  • [2023-06-15] Accepted dnsdist 1.8.0-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
  • [2022-12-25] dnsdist 1.7.3-2 MIGRATED to testing (Debian testing watch)
  • 1
  • 2
bugs [bug history graph]
  • all: 2
  • RC: 0
  • I&N: 1
  • M&W: 1
  • F&P: 0
  • patch: 0
links
  • homepage
  • lintian (0, 1)
  • buildd: logs, checks, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.9.10-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing