[dnsdist] PowerDNS DNSdist 1.9.9 released, fixing CVE-2025-30194
Remi Gacogne
remi.gacogne at powerdns.com
Tue Apr 29 11:15:19 UTC 2025
Hello!
We released PowerDNS DNSdist 1.9.9 today, an emergency release fixing a
security issue tracked as CVE-2025-30194 where a remote, unauthenticated
attacker can cause a denial of service via a crafted DNS over HTTPS
connection. The issue was reported to us via our public GitHub tracker,
so once it was clear that the issue had a security impact we prepared to
release a new version as soon as possible.
While we advise upgrading to a fixed version, a work-around is to
temporarily switch to the h2o provider until DNSdist has been upgraded.
Please see the DNSdist website [1] for the more complete changelog [2]
and the current documentation. The upgrade guide is also available there
[3].
Please send us all feedback and issues you might have via the mailing
list, or in case of a bug, via GitHub [4].
The release tarball [5] and its signature [6] are available on the
downloads website, and packages for several distributions are available
from our repository [7].
[1]: https://dnsdist.org
[2]: https://dnsdist.org/changelog.html#change-1.9.9
[3]: https://dnsdist.org/upgrade_guide.html
[4]: https://github.com/PowerDNS/pdns/issues/new/choose
[5]:
https://downloads.powerdns.com/releases/dnsdist-1.9.9.tar.bz2
[6]:
https://downloads.powerdns.com/releases/dnsdist-1.9.9.tar.bz2.sig
[7]: https://repo.powerdns.com
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20250429/edea3d0c/attachment.sig>
More information about the dnsdist
mailing list