[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bind9: CVE-2018-5743



On 09-May-19 09:33 AM, Markus Wollny wrote:

Hello,

Is there an ETA on the fix for this bind9 vulnerability to be
available for Debian Stretch yet?
I see LTS (jessie) is still marked as vulnerable, the DLA needed doc indicates a test package was ready on 12 May, are there issues around it's release?

https://security-tracker.debian.org/tracker/CVE-2018-5743 says that
the stable branch is still vulnerable (fixed in buster/sid only), even
though the Debian bug report
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927932 is already
marked as closed.

I admit I am not all too familiar with usual Debian security
procedures in such cases, but as the bug is rated with a severity
rating of grave and it's now two weeks since the public disclosure, I
am starting to feel a little worried.

Kind regards

  Markus

--
Kind Regards,

Shaun Bugler
System Administrator
Hetzner (Pty) Ltd

SA Contact Centre: 0861 0861 08
International: +27 21 970 2000



Website: hetzner.co.za
Disclaimer: hetzner.co.za/email-disclaimer

Reply to: