CVE-2020-24696: A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature. CVE-2020-24697: A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature. CVE-2020-24698: A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution by sending crafted queries with a GSS-TSIG signature. Reference: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-06.html
Fedora and Fedora-EPEL are not affected, because our packages are not compiled with GSS-TSIG support.