Security update for pdns-recursor SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:0221-1 Final 1 1 2017-01-19T20:02:26Z current 2017-01-19T20:02:26Z 2017-01-19T20:02:26Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for pdns-recursor This update for pdns-recursor fixes the following issue: - CVE-2016-7068: Crafted queries could have caused abnormal CPU usage (bsc#1018326) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-01/msg00122.html E-Mail link for openSUSE-SU-2017:0221-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 openSUSE Leap 42.2 pdns-recursor-3.7.3-7.1 pdns-recursor-3.7.3-7.1 as a component of openSUSE Leap 42.1 pdns-recursor-3.7.3-7.1 as a component of openSUSE Leap 42.2 An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded. This issue is based on the fact that the PowerDNS server parses all records present in a query regardless of whether they are needed or even legitimate. A specially crafted query containing a large number of records can be used to take advantage of that behaviour. CVE-2016-7068 openSUSE Leap 42.1:pdns-recursor-3.7.3-7.1 openSUSE Leap 42.2:pdns-recursor-3.7.3-7.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-01/msg00122.html https://www.suse.com/security/cve/CVE-2016-7068.html CVE-2016-7068 https://bugzilla.suse.com/1018326 SUSE Bug 1018326