Re: Bind security announce
On Thu, 02 Dec 2010 08:34:40 -1000, Debian security wrote:
> Hello,
>
> ISC published new versions of their DNS server: bind.
> This version is corrects bug and one security issue (classified as High)
> that impacts the version shipped in Debian Lenny.
> It has been published yeterday and I still can't see any update in the
> security repository.
> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
> which correct the bugs?
>
> https://www.isc.org/software/bind/advisories/cve-2010-3613
> https://www.isc.org/software/bind/advisories/cve-2010-3614
This is the first I've heard of these issues. You can submit a bug
report against bind9 to encourage the maintainer to start working on a
fix for unstable and a backport for lenny. It would be even more
helpful if you can extract the patches, apply them, and send a diff
against the current packages.
Mike
Reply to: