Advisories ยป MGASA-2014-0522

Updated pdns-recursor packages fix CVE-2014-8601

Publication date: 10 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8601


Updated pdns-recursor package fixes security vulnerability:

PowerDNS Recursor before version 3.6.2, could be negatively impacted by
specially configured, hard to resolve domain names. A remote attacker, by
sending a query for such a domain name, could cause severe performance
degradation in PowerDNS Recursor, causing a denial of service (CVE-2014-8601).

The pdns-recursor package has been updated to version 3.6.2, fixing this issue
and several other bugs, as well as providing additional features.