Bug#891801: stretch-pu: package unbound/1.6.0-3+deb9u2
Control: tags -1 + moreinfo
On Wed, 2018-02-28 at 17:47 -0500, Robert Edmonds wrote:
> I would like to fix a DNSSEC validation bug (CVE-2017-15105) in the
> unbound package shipped in stretch. After discussion with the
> security
> team, this bug was deemed minor enough that the fix could be shipped
> in
> a point release:
>
> https://security-tracker.debian.org/tracker/CVE-2017-15105
>
According to the above Security Tracker entry, this issue has not yet
been fixed in unstable. Assuming that's correct, I'm afraid that's a
blocker for looking at an update in stable.
Regards,
Adam
Reply to: