It was found that PowerDNS does not implement reasonable restrictions for zone sizes. This allows an explicitly configured primary DNS server for a zone to crash a secondary DNS server, affecting service of other zones hosted on the same secondary server. CVE request: http://seclists.org/oss-sec/2016/q3/19 Proposed patch: https://github.com/sischkg/xfer-limit/blob/master/powerdns-3.4.7-xfer-limit-0.0.1.patch
Created pdns tracking bugs for this issue: Affects: fedora-all [bug 1353566] Affects: epel-all [bug 1353567]
Upstream issue: https://github.com/PowerDNS/pdns/issues/4128 The following patches are still under review but should be merged soon: - Master: https://github.com/PowerDNS/pdns/pull/4133 - 3.4.x: https://github.com/PowerDNS/pdns/pull/4134
pdns-4.0.1-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.