Bug#891801: stretch-pu: package unbound/1.6.0-3+deb9u2

To: Robert Edmonds <edmonds@debian.org>, 891801@bugs.debian.org
Subject: Bug#891801: stretch-pu: package unbound/1.6.0-3+deb9u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 02 Mar 2018 17:49:52 +0000
Message-id: <[🔎] 1520012992.15218.25.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 891801@bugs.debian.org
In-reply-to: <20180228224709.lh3monc6dke5im4y@mycre.ws>
References: <20180228224709.lh3monc6dke5im4y@mycre.ws> <20180228224709.lh3monc6dke5im4y@mycre.ws>

Control: tags -1 + moreinfo

On Wed, 2018-02-28 at 17:47 -0500, Robert Edmonds wrote:
> I would like to fix a DNSSEC validation bug (CVE-2017-15105) in the
> unbound package shipped in stretch. After discussion with the
> security
> team, this bug was deemed minor enough that the fix could be shipped
> in
> a point release:
> 
> https://security-tracker.debian.org/tracker/CVE-2017-15105
> 

According to the above Security Tracker entry, this issue has not yet
been fixed in unstable. Assuming that's correct, I'm afraid that's a
blocker for looking at an update in stable.

Regards,

Adam

Reply to:

Prev by Date: Bug#891807: stretch-pu: package libdate-holidays-de-perl/1.9-1
Next by Date: Processed: Re: Bug#891801: stretch-pu: package unbound/1.6.0-3+deb9u2
Previous by thread: Processed: Re: Bug#891807: stretch-pu: package libdate-holidays-de-perl/1.9-1
Next by thread: Processed: Re: Bug#891801: stretch-pu: package unbound/1.6.0-3+deb9u2
Index(es):
- Date
- Thread