{"id":"MGASA-2014-0522","summary":"Updated pdns-recursor packages fix CVE-2014-8601","details":"Updated pdns-recursor package fixes security vulnerability:\n\nPowerDNS Recursor before version 3.6.2, could be negatively impacted by\nspecially configured, hard to resolve domain names. A remote attacker, by\nsending a query for such a domain name, could cause severe performance\ndegradation in PowerDNS Recursor, causing a denial of service (CVE-2014-8601).\n\nThe pdns-recursor package has been updated to version 3.6.2, fixing this issue\nand several other bugs, as well as providing additional features.\n","modified":"2026-02-04T03:44:48.254015Z","published":"2014-12-10T20:09:57Z","related":["CVE-2014-8601"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0522.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14695"},{"type":"REPORT","url":"http://blog.powerdns.com/2014/06/20/recursor-3-6-0-released/"},{"type":"REPORT","url":"http://blog.powerdns.com/2014/09/10/security-update-powerdns-recursor-3-6-1/"},{"type":"REPORT","url":"http://blog.powerdns.com/2014/10/30/recursor-3-6-2/"},{"type":"REPORT","url":"http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/"}],"affected":[{"package":{"name":"pdns-recursor","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/pdns-recursor?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.2-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0522.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}