It was reported , that the ldns_rr_new_frm_str_internal() function of ldns, when parsing data of unknown RR types ("\#"), suffered from a boundary error. This could be exploited to cause a heap-based buffer overflow by parsing specially crafted DNS Resource Records, possibly leading to the execution of arbitrary code.
A fix  has been committed to ldns trunk.
Created ldns tracking bugs for this issue
Affects: fedora-all [bug 741025]
Affects: epel-all [bug 741026]
This has been assigned the name CVE-2011-3581
Updates are now in all the testing repos
(In reply to comment #3)
> Updates are now in all the testing repos
Brilliant, thanks Paul.
The following ldns package updates has been pushed to testing repositories to correct this flaw:
Once they have passed the required amount of testing, they will be pushed to
particular -stable repository.
These have made it to stable a long time ago