Quoting $URL: The new high-quality random generator was not used for all random numbers, especially in source port selection. This means that 3.1.5 is still a lot more secure than 3.1.4 was, and its algorithms more secure than most other nameservers, but it also means 3.1.5 is not as secure as it could be. A quick upgrade is recommended. Discovered by Thomas Biege of Novell (SUSE), fixed in commit 1179. http://wiki.powerdns.com/projects/trac/changeset/1179
Arches, please test and mark stable: =net-dns/pdns-recursor-3.1.6 Target keywords : "amd64 x86"
x86 stable
amd64 stable, all arches done.
I would vote Yes like we previously did on other cache-poisoning vulnerabilities. refer to GLSA 200804-22
YES, request filed
This should be an erratum as it was reported fixed by bug #215567 / GLSA 200804-22.
update sent.