PowerDNS project has reported the following issue in PowerDNS: """ A bug was discovered in our label decompression code, making it possible for names to refer to themselves, thus causing a loop during decompression. This loop is capped at a 1000 iterations by a failsafe, making the issue harmless on most platforms. However, on specific platforms , the recursion involved in these 1000 steps causes memory corruption leading to a quick crash, presumably because the default stack is too small. We recommend that all users upgrade to a corrected version if at all possible. Alternatively, if you want to apply a minimal fix to your own tree, it can be found in two parts: https://github.com/PowerDNS/pdns/commit/adb10be102ddd4d2baf7a8adbb5673946fe5e555 https://github.com/PowerDNS/pdns/commit/3ec3e0fc71bc89ac41c7e6d8cd3f323f25233881 These should be trivial to backport to older versions by hand. As for workarounds, only clients in allow-from are able to trigger the degraded service, so this should be limited to your userbase; further, we recommend running your critical services under supervision such as systemd, supervisord, daemontools, etc. """ Acknowledements: Red Hat would like to thank the PowerDNS upstream project for reporting this issue. Upstream acknowledges Aki Tuomi as the original reporter.
Created pdns tracking bugs for this issue: Affects: fedora-all [bug 1214703] Affects: epel-5 [bug 1213832]
External References: https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
pdns-recursor-3.7.2-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
pdns-recursor-3.7.2-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
pdns-3.3.1-2.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
pdns-recursor-3.6.3-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
pdns-3.4.4-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
pdns-recursor-3.7.2-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
pdns-recursor-3.7.2-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
pdns-3.3.1-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
pdns-3.4.4-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
pdns-recursor-3.7.2-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
pdns-3.4.4-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.