This update for pdns-recursor fixes the following issues:
update to 4.1.16
fixes an issue where records in the answer section of
a NXDOMAIN response lacking an SOA were not properly validated
(CVE-2020-12244, boo#1171553)
fixes an issue where invalid hostname on the server can result in
disclosure of invalid memory (CVE-2020-10030, boo#1171553)
fixes an issue in the DNS protocol has been found that allows
malicious parties to use recursive DNS services to attack third
party authoritative name servers (CVE-2020-10995, boo#1171553)
For details see
https://doc.powerdns.com/recursor/changelog/4.1.html#change-4.1.16