On Fri, Mar 29, 2013 at 16:38:57 -0400, Michael Gilbert wrote: > On Fri, Mar 29, 2013 at 4:08 PM, Adam D. Barratt wrote: > > > Control: tags -1 + moreinfo > > > > > > On 29.03.2013 15:01, Salvatore Bonaccorso wrote: > > > >> bind9 (1:9.8.4.dfsg.P1-6+nmu1) unstable; urgency=high > >> . > >> * Non-maintainer upload by the Security Team. > >> * Fix cve-2012-5689: issue in nameservers using DNS64 to perform a AAAA > >> lookup for a record with an A record overwrite rule in a Response > >> Policy > >> Zone (closes: #699145). > >> > > > > fwiw, this issue isn't marked as RC currently. The bug log notes that > > there wasn't a production quality patch available and instead the plan was > > to document how to avoid the issue, which Moritz seemed happy with. What > > changed? > > > A production-ready patch. > Not in the bug log there wasn't. > > * Fix cve-2013-2266: issues in regular expression handling > >> (closes: #704174). > >> > > > > and that one appears to have been NMUed around four hours after it was > > filed, which I'm not overjoyed about. > > > > You're aware that this is easily exploited in the wild already? > You're aware that you're not the bind9 maintainer, and so you don't get to NMU without talking to him first? Cheers, Julien
Attachment:
signature.asc
Description: Digital signature