Jessie openstack image updated to version 8.8.4-20170709

To: debian-cloud@lists.debian.org
Subject: Jessie openstack image updated to version 8.8.4-20170709
From: Steve McIntyre <steve@einval.com>
Date: Sun, 9 Jul 2017 23:55:41 +0100
Message-id: <[🔎] 20170709225541.ysxdamzk3qixag47@tack.einval.com>
Reply-to: =debian/cloud@tack.einval.com

Just released, including a security update:

8.8.4-20170709

Updates in 1 source package(s), 4 binary package(s):

  Source bind9, binaries: libdns-export100:amd64 libirs-export91:amd64 libisc-export95:amd64 libisccfg-export90:amd64  
  bind9 (1:9.9.5.dfsg-9+deb8u12) jessie-security; urgency=high
  
    * Non-maintainer upload by the Security Team.
    * Add patch to fix CVE-2017-3042 and CVE-2017-3043
      CVE-2017-3042: error in TSIG authentication can permit unauthorized zone
      transfers. An attacker may be able to circumvent TSIG authentication of
      AXFR and Notify requests.
      CVE-2017-3043: error in TSIG authentication can permit unauthorized
      dynamic updates. An attacker may be able to forge a valid TSIG or SIG(0)
      signature for a dynamic update.

-- Steve McIntyre <93sam@debian.org>  Sun, 09 Jul 2017 23:00:58 +0100


-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
We don't need no education.
We don't need no thought control.

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: Re: Bug#867594: cloud.debian.org: vms lease the same dhcp ipv4 address in kvm/libvirt
Next by Date: Stretch openstack image updated to version 9.0.4-20170709
Previous by thread: Processed: closing 863580
Next by thread: Stretch openstack image updated to version 9.0.4-20170709
Index(es):
- Date
- Thread