Re: CVE-2012-1033 (bind9)

To: debian-security@lists.debian.org
Subject: Re: CVE-2012-1033 (bind9)
From: Michael Gilbert <mgilbert@debian.org>
Date: Sat, 4 Aug 2012 18:27:18 -0400
Message-id: <[🔎] CANTw=MPd0pXdRY+CoiG9d=AO6J_f12t-vQYYEjfe+PC7=tf7bw@mail.gmail.com>
In-reply-to: <20120726145001.GB3340@mike.office.moo.com>
References: <20120726145001.GB3340@mike.office.moo.com>

On Thu, Jul 26, 2012 at 10:50 AM, Mike Ashton wrote:
> Hello folks,
>
> If we look here:
>
> http://security-tracker.debian.org/tracker/CVE-2012-1033
>
> it appears as though this CVE has been written off as a DNS protocol
> flaw, I believe based on the original ISC announcement here:

Hi, this had already been fixed in unstable/testing before your
message.  It's a low severity issue, and if you want to see it fixed
in squeeze, you could help by preparing an stable-proposed-update for
the next point release.

In the meantime, I've updated the tracker.

Thanks,
Mike

Reply to:

Prev by Date: Re: [SECURITY] [DSA 2521-1] libxml2 security update
Next by Date: How to manage CVE
Previous by thread: Re: [SECURITY] [DSA 2521-1] libxml2 security update
Next by thread: How to manage CVE
Index(es):
- Date
- Thread