[ubuntu/quantal] bind9 1:9.8.1.dfsg.P1-4.2 (Accepted)
Sebastien Bacher
seb128 at ubuntu.com
Fri Aug 3 20:03:12 UTC 2012
bind9 (1:9.8.1.dfsg.P1-4.2) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix denial of service vulnerability triggered
through an assert because of using bad cache
(CVE-2012-3817; Closes: #683259).
bind9 (1:9.8.1.dfsg.P1-4.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* SECURITY UPDATE: ghost domain names attack
- lib/dns/rbtdb.c: Restrict the TTL of NS RRset to no more than that
of the old NS RRset when replacing it.
- Patch backported from 9.8.2.
- CVE-2012-1033
* SECURITY UPDATE: denial of service via zero length rdata handling
- lib/dns/rdata.c,lib/dns/rdataslab.c: use sentinel pointer for
duplicate rdata.
- Patch backported from 9.8.3-P1.
- CVE-2012-1667
Date: 2012-07-30 22:16:56.266342+00:00
Changed-By: LaMont Jones <lamont.jones at canonical.com>
Signed-By: Sebastien Bacher <seb128 at ubuntu.com>
https://launchpad.net/ubuntu/quantal/+source/bind9/1:9.8.1.dfsg.P1-4.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Quantal-changes
mailing list