pdns - security update

Multiple vulnerabilities have been discovered in pdns, an authoritative
DNS server. The Common Vulnerabilities and Exposures project identifies
the following problems:

• CVE-2016-5426 / CVE-2016-5427
  Florian Heinz and Martin Kluge reported that the PowerDNS
  Authoritative Server accepts queries with a qname’s length larger
  than 255 bytes and does not properly handle dot inside labels. A
  remote, unauthenticated attacker can take advantage of these flaws
  to cause abnormal load on the PowerDNS backend by sending specially
  crafted DNS queries, potentially leading to a denial of service.
• CVE-2016-6172
  It was reported that a malicious primary DNS server can crash a
  secondary PowerDNS server due to improper restriction of zone size
  limits. This update adds a feature to limit AXFR sizes in response
  to this flaw.

For the stable distribution (jessie), these problems have been fixed in
version 3.4.1-4+deb8u6.

We recommend that you upgrade your pdns packages.