Stuart Cardall authored Feb 03, 2016 and Natanael Copa committed Feb 04, 2016

Malformed packets could cause the OpenDNS deviceid, OpenDNS set-client-ip, blocking and
AAAA blocking plugins to use uninitialized pointers, leading to a denial of service or
possibly code execution.

The vulnerable code is present since dnscrypt-proxy 1.1.0.

OpenDNS users and people using dnscrypt-proxy in order to block domain names and
IP addresses should upgrade as soon as possible.