Re: bind9: CVE-2017-3139 affects debian too

To: debian-lts@lists.debian.org, 889285@bugs.debian.org
Subject: Re: bind9: CVE-2017-3139 affects debian too
From: Roberto C. Sánchez <roberto@debian.org>
Date: Sat, 3 Feb 2018 08:53:26 -0500
Message-id: <[🔎] 20180203135326.jvrvr3yogcui4zuk@camaguey.connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org, 889285@bugs.debian.org
In-reply-to: <[🔎] alpine.DEB.2.02.1802031434050.6734@erwin.webstep.net>
References: <[🔎] alpine.DEB.2.02.1802031434050.6734@erwin.webstep.net>

On Sat, Feb 03, 2018 at 02:37:14PM +0100, Vladislav Kurz wrote:
> Hello LTS team,
> 
> please have a look at
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889285
> 
> I think it is the same bug as CVE-2017-3139 which was considered to affect
> only RedHat, but it seems to affect debian wheezy too.
> 
> Please check if it is possible to apply the same fixes as RedHat did.
> Or at leas update the bind package in wheezy-backports to match the version
> and security fixes from debian jesssie.
> 
I am taking a look at this now.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

References:
- bind9: CVE-2017-3139 affects debian too
  - From: Vladislav Kurz <vladislav.kurz@webstep.net>

Prev by Date: bind9: CVE-2017-3139 affects debian too
Next by Date: Wheezy update of simplesamlphp?
Previous by thread: bind9: CVE-2017-3139 affects debian too
Next by thread: Wheezy update of simplesamlphp?
Index(es):
- Date
- Thread