Candidate: CVE-2015-5470
PublicDate: 2015-11-02 19:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5470
 http://www.openwall.com/lists/oss-security/2015/07/07/6
 https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/
 http://downloads.powerdns.com/patches/2015-01/
Description:
 The label decompression functionality in PowerDNS Recursor before 3.6.4 and
 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x
 before 3.4.5 allows remote attackers to cause a denial of service (CPU
 consumption or crash) via a request with a long name that refers to itself.
  NOTE: this vulnerability exists because of an incomplete fix for
 CVE-2015-1868.
Ubuntu-Description:
Notes:
 mdeslaur> incomplete fix for CVE-2015-1868
 mdeslaur> only affected pdns 3.2+ and pdns-recursor 3.5+
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_pdns:
upstream_pdns: released (3.4.5-1)
precise_pdns: not-affected (3.0-1.1ubuntu1)
precise/esm_pdns: DNE (precise was not-affected [3.0-1.1ubuntu1])
trusty_pdns: ignored (reached end-of-life)
trusty/esm_pdns: DNE (trusty was needed)
utopic_pdns: ignored (reached end-of-life)
vivid_pdns: ignored (reached end-of-life)
vivid/stable-phone-overlay_pdns: DNE
vivid/ubuntu-core_pdns: DNE
wily_pdns: not-affected (3.4.5-1)
xenial_pdns: not-affected (3.4.5-1)
yakkety_pdns: not-affected (3.4.5-1)
zesty_pdns: not-affected (3.4.5-1)
artful_pdns: not-affected (3.4.5-1)
bionic_pdns: not-affected (3.4.5-1)
cosmic_pdns: not-affected (3.4.5-1)
disco_pdns: not-affected (3.4.5-1)
devel_pdns: not-affected (3.4.5-1)

Patches_pdns-recursor:
upstream_pdns-recursor: released (3.7.3-1)
precise_pdns-recursor: not-affected (3.3-2)
precise/esm_pdns-recursor: DNE (precise was not-affected [3.3-2])
trusty_pdns-recursor: released (3.5.3-1ubuntu0.1)
trusty/esm_pdns-recursor: DNE (trusty was released [3.5.3-1ubuntu0.1])
utopic_pdns-recursor: ignored (reached end-of-life)
vivid_pdns-recursor: released (3.6.2-2+deb8u2build0.15.04.1)
vivid/stable-phone-overlay_pdns-recursor: DNE
vivid/ubuntu-core_pdns-recursor: DNE
wily_pdns-recursor: not-affected (3.7.3-1)
xenial_pdns-recursor: not-affected (3.7.3-1)
yakkety_pdns-recursor: not-affected (3.7.3-1)
zesty_pdns-recursor: not-affected (3.7.3-1)
artful_pdns-recursor: not-affected (3.7.3-1)
bionic_pdns-recursor: not-affected (3.7.3-1)
cosmic_pdns-recursor: not-affected (3.7.3-1)
disco_pdns-recursor: not-affected (3.7.3-1)
devel_pdns-recursor: not-affected (3.7.3-1)