A flaw was found in the way PowerDNS Recursor resolved certain specially crafted domain names. A remote attacked could use a specially crafted domain name that, when processed by PowerDNS Recursor, would affect the performance of PowerDNS, potentially resulting in a denial of service. More information can be found in the upstream advisory: http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ Patches are available at: https://downloads.powerdns.com/patches/2014-02/ Other references: http://seclists.org/oss-sec/2014/q4/975
Created pdns-recursor tracking bugs for this issue: Affects: fedora-all [bug 1172117] Affects: epel-all [bug 1172118]
Fedora is not affected. We have already the latest stable pdns-recursor 3.6.2 updates for Fedora and Fedora-EPEL. See: https://admin.fedoraproject.org/updates/search/pdns-recursor