[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1109748: [discussion] unblock: bind9/1:9.20.11-1

Hi Salvatore,

my only comment is: thank you for filing this as I thought I already did that,
but apparently not. It is absolutely going to be useful to start with latest
upstream version as there is a CVE fixed in 9.20.11-1

+ [CVE2025-40777]: Fix a possible assertion failure when stale-answer-client-timeout is set to 0.

Ondrej
--
Ondřej Surý (He/Him)
ondrej@sury.org

> On 23. 7. 2025, at 9:24, Salvatore Bonaccorso <carnil@debian.org> wrote:
> 
> Package: release.debian.org
> Severity: normal
> X-Debbugs-Cc: bind9@packages.debian.org, Ondřej Surý <ondrej@debian.org>, carnil@debian.org, team@security.debian.org
> Control: affects -1 + src:bind9
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Hi Release team, hi Ondrej,
> 
> Approaching you with getting input from Ondrej. bind9/1:9.20.11-1
> fixes CVE-2025-40777. Ad bind9 is updated via the supported upstream
> versions in stable, that wuould mean for trxie we would ideally get in
> the fixed version.
> 
> Ondrej, do you have something to add here or can you please comment on
> allowing bind9/1:9.20.11-1 into trixie?
> 
> Regards,
> Salvatore
Reply to: