NIXPKGS-2026-0012 published on 13 Jan 2026 CVE-2025-59030 updated 1 week, 1 day ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse accepted as draft 1 week, 1 day ago @LeSuisse published on GitHub 1 week, 1 day ago Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP. Affected products pdns-recursor <5.3.3 <5.2.7 <5.1.9 Matching in nixpkgs pkgs.pdns-recursor Recursive DNS server nixos-unstable 5.2.6 nixpkgs-unstable 5.2.6 nixos-unstable-small 5.2.6 nixos-25.11 5.2.6 nixos-25.11-small 5.2.6 nixpkgs-25.11-darwin 5.2.6 nixos-25.05 5.2.6 nixos-25.05-small 5.2.6 nixpkgs-25.05-darwin 5.2.6 Package maintainers: 1 @rnhmjoj Michele Guerini Rocco <rnhmjoj@inventati.org>
CVE-2025-59030 updated 1 week, 1 day ago by @LeSuisse Activity log Created automatic suggestion 1 week, 6 days ago @LeSuisse accepted as draft 1 week, 1 day ago @LeSuisse published on GitHub 1 week, 1 day ago Insufficient validation of incoming notifies over TCP can lead to a denial of service in Recursor An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP. Affected products pdns-recursor <5.3.3 <5.2.7 <5.1.9 Matching in nixpkgs pkgs.pdns-recursor Recursive DNS server nixos-unstable 5.2.6 nixpkgs-unstable 5.2.6 nixos-unstable-small 5.2.6 nixos-25.11 5.2.6 nixos-25.11-small 5.2.6 nixpkgs-25.11-darwin 5.2.6 nixos-25.05 5.2.6 nixos-25.05-small 5.2.6 nixpkgs-25.05-darwin 5.2.6 Package maintainers: 1 @rnhmjoj Michele Guerini Rocco <rnhmjoj@inventati.org>
pkgs.pdns-recursor Recursive DNS server nixos-unstable 5.2.6 nixpkgs-unstable 5.2.6 nixos-unstable-small 5.2.6 nixos-25.11 5.2.6 nixos-25.11-small 5.2.6 nixpkgs-25.11-darwin 5.2.6 nixos-25.05 5.2.6 nixos-25.05-small 5.2.6 nixpkgs-25.05-darwin 5.2.6