The tracker at http://people.canonical.com/~ubuntu- security/cve/2012/CVE-2012-0206.html lists 12.04, 14.04 and 14.10 as "needed".
However it looks like it is actually fixed in all of them. The CVE description states "before 3.0.1" and 14.04 and 14.10 are newer than 3.01. This is from the changelog in the current 12.04 package. pdns (3.0-1.1) unstable; urgency=high * Non-maintainer upload. * Don't respond to responses fixes CVE-2012-0206 * Make build dependency on mongodb-dev arch specific (Closes: #654568). -- Luk Claes <luk@debian....> Sun, 15 Jan 2012 19:13:17 +0100 And to confirm it I checked and the package and it does contain the patch CVE-2012-0206 in the debian/patches directory. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/918588 Title: PowerDNS Authoritative Server can be caused to generate a traffic loop CVE-2012-0206 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pdns/+bug/918588/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs