On 2012-08-24 09:38, Julien Cristau wrote: > Control: severity -1 wishlist > > On Tue, Aug 21, 2012 at 22:40:36 +0200, Jeroen Massar wrote: > >> Package: nsd3 >> Severity: critical >> > Without justification, not quite.
>From the initial message: Bugfix #461 (VU#517036 CVE-2012-2979): NSD denial of service vulnerability from DNS packet when using --enable-zone-stats. Bugfix #460: man page correction - identity. Fix for nsd-patch segfault if zone has been removed from nsd.conf (thanks Ilya Bakulin) One would think that is critical enough to take the 5 minutes to update the tar.gz from the vendor and roll a new Debian package. Anyway, in the meantime for our deployment we have done just that and put them in our private repo and deployed that on our servers. Thank you for your concern! Greets, Jeroen -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
