[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please unblock bind9_9.3.4-2

On Mon, Jan 29, 2007 at 04:07:13PM -0700, LaMont Jones wrote:
> Like the subject says, bind9_9.3.4-2 should be promoted to testing,
> either now, or in 2 days when it's old enough. :-)  (And yes, I know it
> just went through dinstall today...)  It is currently built on alpha,
> amd64, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc - which
> leaves only m68k lagging, iirc.
> 9.3.4-2 fixes two security issues that were recently announced by ISC,
> along with the release of 9.3.4.
> 	--- 9.3.4 released ---
> 2126.	[security]	Serialise validation of type ANY responses. [RT #16555]

Assigned CVE-2007-0493
> 2124.	[security]	It was possible to dereference a freed fetch
> 			context. [RT #16584]

Assigned CVE-2007-0494

Both marked as fixed in 1:9.3.4-2 in our tracker, HOWEVER:

355 files changed, 42564 insertions(+), 23165 deletions(-)
which has lots of changes to lots of files.

Is there any chance the security/RC issues can be backported?

<gwolf> bah.... Germans. You just put 100 DDs in one country and then they all
	become friends of each other.

Attachment: signature.asc
Description: Digital signature

Reply to: