[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bind security announce

On Thu, 02 Dec 2010 08:34:40 -1000, Debian security wrote:
> Hello,
> ISC published new versions of their DNS server: bind.
> This version is corrects bug and one security issue (classified as High)
> that impacts the version shipped in Debian Lenny.
> It has been published yeterday and I still can't see any update in the
> security repository.
> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
> which correct the bugs?
> https://www.isc.org/software/bind/advisories/cve-2010-3613
> https://www.isc.org/software/bind/advisories/cve-2010-3614

This is the first I've heard of these issues.  You can submit a bug
report against bind9 to encourage the maintainer to start working on a
fix for unstable and a backport for lenny.  It would be even more
helpful if you can extract the patches, apply them, and send a diff
against the current packages.


Reply to: