[Bug 1475992] [NEW] Sync bind9 1:9.9.5.dfsg-10 (main) from Debian unstable (main)
Artur Rona
ari-tczew at tlen.pl
Sun Jul 19 14:01:43 UTC 2015
Public bug reported:
Please sync bind9 1:9.9.5.dfsg-10 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: resolver DoS via specially crafted zone data
- lib/dns/validator.c: don't use uninitialized fixedname.
- CVE-2015-4620
CVE has been fixed in Debian, as well.
Changelog entries since current wily version 1:9.9.5.dfsg-9ubuntu1:
bind9 (1:9.9.5.dfsg-10) unstable; urgency=high
* Fix CVE-2015-4620: DNSSEC validation of a malicously crafted zone can
cause the resolver to crash (closes: #791715).
-- Michael Gilbert <mgilbert at debian.org> Thu, 09 Jul 2015 00:43:38
+0000
** Affects: bind9 (Ubuntu)
Importance: Wishlist
Status: New
** Changed in: bind9 (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1475992
Title:
Sync bind9 1:9.9.5.dfsg-10 (main) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1475992/+subscriptions
More information about the Ubuntu-server-bugs
mailing list