[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#891801: stretch-pu: package unbound/1.6.0-3+deb9u2

Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On 2018-07-14 07:46, Salvatore Bonaccorso wrote:
> > Control: tags -1 - moreinfo
> > 
> > On Fri, Mar 02, 2018 at 05:49:52PM +0000, Adam D. Barratt wrote:
> > > Control: tags -1 + moreinfo
> > > 
> > > On Wed, 2018-02-28 at 17:47 -0500, Robert Edmonds wrote:
> > > > I would like to fix a DNSSEC validation bug (CVE-2017-15105) in the
> > > > unbound package shipped in stretch. After discussion with the
> > > > security
> > > > team, this bug was deemed minor enough that the fix could be shipped
> > > > in
> > > > a point release:
> > > >
> > > > https://security-tracker.debian.org/tracker/CVE-2017-15105
> > > >
> > > 
> > > According to the above Security Tracker entry, this issue has not yet
> > > been fixed in unstable. Assuming that's correct, I'm afraid that's a
> > > blocker for looking at an update in stable.
> > 
> > This happened later on with the 1.7.1-1 upload.
> 
> Thanks, Salvatore. Robert, please feel free to upload.
> 
> Regards,
> 
> Adam

Uploaded. Thanks!

-- 
Robert Edmonds
edmonds@debian.org
Reply to: