In a nutshell, the vulnerability is stuffing a lot of broken signatures from different keys in a response so the validator wastes a bunch of time retrieving keys and then validating signatures that'll never validate. The fixes just limit the amount of time before validators yield to another task and/or give up. It's a big deal if you run a public resolver but otherwise you can probably fix it at your leisure.