{"id":"MGASA-2015-0189","summary":"Updated pdns & pdns-recursor packages fix CVE-2015-1868","details":"Updated pdns and pdns-recursor packages fix security vulnerability:\n\nA bug was discovered in the label decompression code in PowerDNS and PowerDNS\nRecursor, making it possible for names to refer to themselves, thus causing a\nloop during decompression. On some platforms, this bug can be abused to cause\ncrashes. On all platforms, this bug can be abused to cause service-affecting\nCPU spikes (CVE-2015-1868).\n\nThe pdns package has been updated to version 3.3.2 and the pdns-recursor\npackage has been updated to version 3.6.3 to fix this issue and other bugs.\n","modified":"2026-04-16T01:48:26.629025209Z","published":"2015-05-05T13:36:50Z","upstream":["CVE-2015-1868"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0189.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15754"},{"type":"WEB","url":"http://doc.powerdns.com/md/security/powerdns-advisory-2015-01/"},{"type":"ADVISORY","url":"http://blog.powerdns.com/2015/05/01/important-update-for-security-advisory-2015-01/"},{"type":"WEB","url":"https://doc.powerdns.com/md/changelog/#powerdns-authoritative-server-332"},{"type":"WEB","url":"https://doc.powerdns.com/md/changelog/#powerdns-recursor-363"}],"affected":[{"package":{"name":"pdns","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/pdns?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3.2-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0189.json"}},{"package":{"name":"pdns-recursor","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/pdns-recursor?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.3-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0189.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}