This bug was fixed in the package bind9 - 1:9.11.3+dfsg-2ubuntu1
---------------
bind9 (1:9.11.3+dfsg-2ubuntu1) cosmic; urgency=medium
* Merge with Debian unstable (LP: #1777935). Remaining changes:
- Build without lmdb support as that package is in Universe
* Drop:
- SECURITY UPDATE: improperly permits recursive query service
+ debian/patches/CVE-2018-5738.patch: fix configure_view_acl() handling
in bin/named/server.c.
+ CVE-2018-5738
[Applied in Debian's 1:9.11.3+dfsg-2]
bind9 (1:9.11.3+dfsg-2) unstable; urgency=medium
* [CVE-2018-5738]: Add upstream fix to close the default open recursion
(Closes: #901483)
* Change the maintainer address (Closes: #899959)
-- Andreas Hasenack <andr...@canonical.com> Wed, 20 Jun 2018 17:42:16
-0300
** Changed in: bind9 (Ubuntu)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-5738
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1777935
Title:
Please merge from debian's 1:9.11.3+dfsg-2
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1777935/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
