testing bind9 for Wheezy LTS

To: debian-lts@lists.debian.org
Subject: testing bind9 for Wheezy LTS
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 20 May 2017 16:57:52 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1705201654340.6129@jupiter.server.alteholz.net>

Hi everybody,

I uploaded version 9.8.4.dfsg.P1-6+nmu2+deb7u16 of bind9 to:

https://people.debian.org/~alteholz/packages/wheezy-lts/bind9/amd64/

Please give it a try and tell me about any problems you met.

Thanks!
 Thorsten



* Dns64 with "break-dnssec yes;" can result in a assertion failure.
  (CVE-2017-3136)
* Prerequisite for CVE-2017-3137 cherry-picked from upstream change #4190.
  If not cherry-picking this change the fix for CVE-2017-3137 can cause an
  assertion failure to appear in name.c.
* Some chaining (CNAME or DNAME) responses to upstream queries could trigger
  assertion failures (CVE-2017-3137)
* Reimplement: Some chaining (CNAME or DNAME) responses to upstream queries
  could trigger assertion failures. (CVE-2017-3137)
* Fix regression introduced when handling CNAME to referral below the
  current domain
* 'rndc ""' could trigger a assertion failure in named. (CVE-2017-3138)

Reply to:

Follow-Ups:
- Re: testing bind9 for Wheezy LTS
  - From: Guido Günther <agx@sigxcpu.org>

Prev by Date: Re: [Secure-testing-commits] r51756 - data/CVE
Next by Date: dropbear 2012.55-1.3+deb7u2 to fix CVE-2017-9079
Previous by thread: Re: [Secure-testing-commits] r51756 - data/CVE
Next by thread: Re: testing bind9 for Wheezy LTS
Index(es):
- Date
- Thread