Nixpkgs Security Tracker

Login with GitHub

Details of issue NIXPKGS-2026-0211

NIXPKGS-2026-0211

GitHub issue published on 10 Feb 2026

Permalink CVE-2026-0398

updated 2 days, 2 hours ago by @LeSuisse Activity log

Created automatic suggestion 2 days, 6 hours ago
@LeSuisse removed package rotp 2 days, 2 hours ago
@LeSuisse accepted 2 days, 2 hours ago
@LeSuisse published on GitHub 2 days, 2 hours ago

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor

Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.

Affected products

pdns-recursor

<5.1.10
<5.3.5
<5.2.8

Matching in nixpkgs

pkgs.pdns-recursor

Recursive DNS server

nixos-unstable 5.3.4
- nixpkgs-unstable 5.3.4
- nixos-unstable-small 5.3.4
nixos-25.11 5.2.7
- nixos-25.11-small 5.2.7
- nixpkgs-25.11-darwin 5.2.7

Ignored packages (1)

pkgs.rotp

Open-source modernization of the 1993 classic "Master of Orion", written in Java

nixos-unstable 1.04
- nixpkgs-unstable 1.04
- nixos-unstable-small 1.04
nixos-25.11 1.04
- nixos-25.11-small 1.04
- nixpkgs-25.11-darwin 1.04

Package maintainers

@rnhmjoj Michele Guerini Rocco <rnhmjoj@inventati.org>
@jtrees Joshua Trees <me@jtrees.io>

Upstream advisory: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html