openSUSE Security Update : pdns / pdns-recursor (openSUSE-2015-505)
High Nessus Plugin ID 84996
SynopsisThe remote openSUSE host is missing a security update.
Descriptionpdns, pdns-recursor were updated to fix two security issues.
These security issues were fixed :
- CVE-2015-1868: The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allowed remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself (bsc#927569).
- CVE-2015-5470: Complete fix for CVE-2015-1868 (bsc#927569).
SolutionUpdate the affected pdns / pdns-recursor packages.