Skip to Content.
Sympa Menu

dns-operations - [opennic-dns-operations] Fwd: [SECURITY] [DSA 3319-1] bind9 security update

dns-operations AT lists.opennicproject.org

Subject: Dns-operations mailing list

List archive

[opennic-dns-operations] Fwd: [SECURITY] [DSA 3319-1] bind9 security update


Chronological Thread 
    < Chronological >      < Thread >
  • From: Fusl Dash <opennic AT lists.dedilink.eu>
  • To: dns-operations AT lists.opennicproject.org
  • Subject: [opennic-dns-operations] Fwd: [SECURITY] [DSA 3319-1] bind9 security update
  • Date: Sat, 1 Aug 2015 18:01:01 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi!

Just wanted to let everyone know about this (especially those not having
updated their bind9 server yet). Please read the announcement below.

Best regards

Fusl - root AT meo.ws - http://meo.ws/

- -------- Forwarded Message --------
Subject: [SECURITY] [DSA 3319-1] bind9 security update
Resent-Date: Tue, 28 Jul 2015 19:05:25 +0000 (UTC)
Resent-From: debian-security-announce AT lists.debian.org
Date: Tue, 28 Jul 2015 19:05:08 +0000
From: Salvatore Bonaccorso <carnil AT debian.org>
Reply-To: debian-security AT lists.debian.org
To: debian-security-announce AT lists.debian.org

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3319-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
July 28, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : bind9
CVE ID : CVE-2015-5477

Jonathan Foote discovered that the BIND DNS server does not properly
handle TKEY queries. A remote attacker can take advantage of this flaw
to mount a denial of service via a specially crafted query triggering an
assertion failure and causing BIND to exit.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u6.

For the stable distribution (jessie), this problem has been fixed in
version 1:9.9.5.dfsg-9+deb8u2.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org


- --
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: https://lists.debian.org/E1ZKABY-0007ej-0d AT master.debian.org




- --
Best regards

Fusl - root AT meo.ws - http://meo.ws/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJVvO09AAoJELAaqP3QtzpMOVYIAJPqFwMJpbwA0sbD/kx5/Tzi
P7brGNl7MoME6/mQGKbXLLBfE3DdKXiE0sBILR7y8+OTxCTn6p3Fm3OocgPaRbAa
7gicR+AOLZQonLIqTrgIwia9ueiGKpGqC892c8oovGw663wCAcBuV+s3IqvUNuI2
eNZN/A8f/RYkgyNJ99A9RMv6JmrKsQY8kaUv2kSysknTNoNxoN9aQ107RsHVhoZl
nUZyLkJv88R1rBXsw3qavJqqi7uD6IWpmVKmf//ZEfk5BH3HocWNGRYobc/sww6s
eNv+yioLHQIpcy+PJ2xytl3FN51osQeGEUcA+0zLZLv8wzeh1uvnj2EqyD+A9lo=
=GifE
-----END PGP SIGNATURE-----

  • [opennic-dns-operations] Fwd: [SECURITY] [DSA 3319-1] bind9 security update, Fusl Dash, 08/01/2015

Archive powered by MHonArc 2.6.19.

Top of Page