bind9/wheezy-backports: missing security updates?
Hi,
I noticed wheezy-backports has bind9 version 1:9.9.5.dfsg-4~bpo70+1, but
there are security updates included in a later version:
+---
| bind9 (1:9.9.5.dfsg-7) unstable; urgency=medium
|
| * Fix CVE-2014-8500: limit recursion in order to avoid memory consuption
| issues that can lead to denial-of-service (closes: #772610).
|
| -- Michael Gilbert <mgilbert@debian.org> Sun, 14 Dec 2014 05:05:48 +0000
+---
Without looking further at this I would expect the version currently in
backports to be vulnerable.
Ansgar
Reply to: