Public bug reported:
Please sync bind9 1:9.9.5.dfsg-10 (main) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* SECURITY UPDATE: resolver DoS via specially crafted zone data
- lib/dns/validator.c: don't use uninitialized fixedname.
- CVE-2015-4620
CVE has been fixed in Debian, as well.
Changelog entries since current wily version 1:9.9.5.dfsg-9ubuntu1:
bind9 (1:9.9.5.dfsg-10) unstable; urgency=high
* Fix CVE-2015-4620: DNSSEC validation of a malicously crafted zone can
cause the resolver to crash (closes: #791715).
-- Michael Gilbert <mgilb...@debian.org> Thu, 09 Jul 2015 00:43:38
+0000
** Affects: bind9 (Ubuntu)
Importance: Wishlist
Status: New
** Changed in: bind9 (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/1475992
Title:
Sync bind9 1:9.9.5.dfsg-10 (main) from Debian unstable (main)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1475992/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
