Hello, Is there an ETA on the fix for this bind9 vulnerability to be available for Debian Stretch yet?
https://security-tracker.debian.org/tracker/CVE-2018-5743 says that the stable branch is still vulnerable (fixed in buster/sid only), even though the Debian bug report https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927932 is already marked as closed. I admit I am not all too familiar with usual Debian security procedures in such cases, but as the bug is rated with a severity rating of grave and it's now two weeks since the public disclosure, I am starting to feel a little worried. Kind regards Markus
