Control: severity -1 wishlist
On Tue, Aug 21, 2012 at 22:40:36 +0200, Jeroen Massar wrote:
Package: nsd3
Severity: critical
Without justification, not quite.
Cheers,
Julien
signature.asc
Description: Digital signature
On 2012-08-24 09:38, Julien Cristau wrote:
Control: severity -1 wishlist
On Tue, Aug 21, 2012 at 22:40:36 +0200, Jeroen Massar wrote:
Package: nsd3
Severity: critical
Without justification, not quite.
From the initial message:
Bugfix #461 (VU#517036 CVE-2012-2979): NSD denial of
On Fri, Aug 24, 2012 at 10:55 AM, Jeroen Massar jer...@unfix.org wrote:
On 2012-08-24 09:38, Julien Cristau wrote:
Control: severity -1 wishlist
On Tue, Aug 21, 2012 at 22:40:36 +0200, Jeroen Massar wrote:
Package: nsd3
Severity: critical
Without justification, not quite.
From the
On 2012-08-24 11:04, Ondřej Surý wrote:
[..]
One would think that is critical enough to take the 5 minutes to update
the tar.gz from the vendor and roll a new Debian package.
But not when there is a freeze in place, since it wouldn't automatically
transfer to testing and would need a manual
On 2012-08-22 00:50, Ondřej Surý wrote:
Debian dind't enable bind9 stats so it's not vulnerable.
There are people who build from the source package and who might enable
this, from that perspective it would be good to upgrade to it.
And there are also other fixes in that version note the
Package: nsd3
Severity: critical
3.2.13 is out for a month already, might be nice to get an updated
package...
Greets,
Jeroen
--
https://www.nlnetlabs.nl/projects/nsd/
{{{
NSD 3.2.13
Jul 27, 2012
Bugfixes
Bugfix #461 (VU#517036 CVE-2012-2979): NSD denial of service
vulnerability from DNS
Debian dind't enable bind9 stats so it's not vulnerable.
Ondřej Surý
On 21. 8. 2012, at 22:40, Jeroen Massar jer...@unfix.org wrote:
Package: nsd3
Severity: critical
3.2.13 is out for a month already, might be nice to get an updated
package...
Greets,
Jeroen
--
7 matches
Mail list logo