[Pdns-users] PowerDNS products not vulnerable to CVE-2015-0235

bert hubert bert.hubert at powerdns.com
Wed Jan 28 06:41:20 UTC 2015


Hi everyone,

A brief note for you, your auditors & other folks worrying about security:
PowerDNS products are note vulnerable to CVE-2015-0235.

Our single use of gethostbyname() has been audited to be no risk as the
parameter with which it is called is static
(gethostbyname("a.root-servers.net")).

Just so you know!

	Bert





More information about the Pdns-users mailing list