Just released, including security updates: 9.0.4-20170709 Updates in 1 source package(s), 4 binary package(s): Source bind9, binaries: libdns-export162:amd64 libisc-export160:amd64 libdns-export162:arm64 libisc-export160:arm64 bind9 (1:9.10.3.dfsg.P4-12.3+deb9u1) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * debian/patches: - debian/patches/CVE-2017-3142+CVE-2017-3143 added, fix TSIG bypasses CVE-2017-3142: error in TSIG authentication can permit unauthorized zone transfers. An attacker may be able to circumvent TSIG authentication of AXFR and Notify requests. CVE-2017-3143: error in TSIG authentication can permit unauthorized dynamic updates. An attacker may be able to forge a valid TSIG or SIG(0) signature for a dynamic update. -- Steve McIntyre <email@example.com> Mon, 10 Jul 2017 01:34:12 +0100 -- Steve McIntyre, Cambridge, UK. firstname.lastname@example.org You raise the blade, you make the change... You re-arrange me 'til I'm sane...
Description: PGP signature