On Mon, Oct 15, 2012 at 11:52 PM, Matthew Grant wrote:
Thanks for that: Bit of a situation brewing for bind9 re #690569 (failure to
resolve dnssec-validated wildcards - major non-compliance to RFC etc) and
#690142 (this CVE)
Would appreciate your advice on how to proceed please. Note: Will
Hi, I've canceled this nmu. There were a lot of Makefile and other
files unrelated to the security fix that got included vs -4.2. Also,
an nmu requirement is to attach the full diff to the bug report to
help the maintainer out later.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to
Package: bind9
Version: 1:9.8.1.dfsg.P1-4.2
Followup-For: Bug #690142
Dear Maintainer,
Attaching a patch for this version of Debian bind9. NMUing in 2 days with
1:9.8.1.dfsg.P1-4.3
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Package: bind9
Tags: security
Severity: grave
A security relevant bug on all versions of bind9 has been discovered. Only
recursive servers are vulnerable. To mitigate the effects of a possible
attack it should be sufficient to set minimal-responses yes; in the
global options {} section.
As
Tags: security, patch
find the Ubuntu patch attached.
best regards,
Adi Kriegisch
=== modified file 'bin/named/query.c'
--- bin/named/query.c 2011-11-16 14:22:11 +
+++ bin/named/query.c 2012-10-05 09:45:39 +
@@ -1024,13 +1024,6 @@
mname = NULL;
}
- /*
- * If the
5 matches
Mail list logo