[ubuntu/xenial-security] bind9 1:9.10.3.dfsg.P4-8ubuntu1.6 (Accepted)

Steve Beattie Mon, 17 Apr 2017 10:01:06 -0700

bind9 (1:9.10.3.dfsg.P4-8ubuntu1.6) xenial-security; urgency=medium

  * SECURITY UPDATE: Denial of Service due to an error handling
    synthesized records when using DNS64 with "break-dnssec yes;"
    - debian/patches/CVE-2017-3136.patch: reset noqname if query_dns64()
      called.
    - CVE-2017-3136
  * SECURITY UPDATE: Denial of Service due to resolver terminating when
    processing a response packet containing a CNAME or DNAME
    - debian/patches/CVE-2017-3137.patch: don't expect a specific
      ordering of answer components; add testcases.
    - CVE-2017-3137
  * SECURITY UPDATE: Denial of Service when receiving a null command on
    the control channel
    - debian/patches/CVE-2017-3138.patch: don't throw an assert if no
      command token is given; add testcase.
    - CVE-2017-3138


Date: 2017-04-12 09:05:12.954329+00:00
Changed-By: Steve Beattie <sbeat...@ubuntu.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-8ubuntu1.6

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] bind9 1:9.10.3.dfsg.P4-8ubuntu1.6 (Accepted)

Reply via email to