Description of problem: Security scanners (e.g. Comodo's HackerGuardian) are now reporting PowerDNS 3.4.11 is susceptible to CVE-2017-15091. After research, it appears the pdns-3.4.11-2.el7.x86_64.rpm package does not include the necessary patch. The patch is available here for 3.4.11: https://downloads.powerdns.com/patches/2017-04/ Version-Release number of selected component (if applicable): pdns-3.4.11-2 How reproducible: N/A Steps to Reproduce: 1. N/A 2. 3. Actual results: N/A Expected results: N/A Additional info: N/A
pdns-3.4.11-4.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f09712d924
pdns-3.4.11-4.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-f09712d924
pdns-3.4.11-4.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.