Bug#860225: bind9: Wheezy hit by CVE-2017-3139

Sat, 02 Sep 2017 02:42:49 -0700 

Package: bind9
Version: 1:9.8.4.dfsg.P1-6+nmu2+deb7u18
Followup-For: Bug #860225

Dear Maintainer,
looks like I've just been hit by CVE-2017-3139 on Debian Wheezy.
Seems it's not limited to RedHat:

Aug 31 17:03:24 r210 named[29899]: validator.c:1858: INSIST(rdataset->type
== ((dns_rdatatype_t)dns_rdatatype_dnskey)) failed, back trace
Aug 31 17:03:24 r210 named[29899]: #0 0x7f0b982b8e19 in ??
Aug 31 17:03:24 r210 named[29899]: #1 0x7f0b96bf5f3a in ??
Aug 31 17:03:24 r210 named[29899]: #2 0x7f0b97bb4e57 in ??
Aug 31 17:03:24 r210 named[29899]: #3 0x7f0b97bbb599 in ??
Aug 31 17:03:24 r210 named[29899]: #4 0x7f0b96c14dfd in ??
Aug 31 17:03:24 r210 named[29899]: #5 0x7f0b965c8b50 in ??
Aug 31 17:03:24 r210 named[29899]: #6 0x7f0b95fb2fbd in ??
Aug 31 17:03:24 r210 named[29899]: exiting (due to assertion failure)


-- System Information:
Debian Release: 7.11
  APT prefers oldoldstable-updates
  APT policy: (500, 'oldoldstable-updates'), (500, 'oldoldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=sk_SK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bind9 depends on:
ii  adduser                3.113+nmu3
ii  bind9utils             1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  debconf [debconf-2.0]  1.5.49
ii  libbind9-80            1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  libc6                  2.13-38+deb7u12
ii  libcap2                1:2.22-1.2
ii  libdns88               1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  libgssapi-krb5-2       1.10.1+dfsg-5+deb7u8
ii  libisc84               1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  libisccc80             1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  libisccfg82            1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  liblwres80             1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  libssl1.0.0            1.0.1t-1+deb7u2
ii  libxml2                2.8.0+dfsg1-7+wheezy9
ii  lsb-base               4.1+Debian8+deb7u1
ii  net-tools              1.60-24.2
ii  netbase                5.0

bind9 recommends no packages.

Versions of packages bind9 suggests:
ii  bind9-doc   1:9.8.4.dfsg.P1-6+nmu2+deb7u18
ii  dnsutils    1:9.8.4.dfsg.P1-6+nmu2+deb7u18
pn  resolvconf  <none>
pn  ufw         <none>

-- Configuration Files:
/etc/bind/named.conf.local changed [not included]

-- debconf information excluded

Reply via email to