1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3449-1] bind9 security update

    From Salvatore Bonaccorso@1:229/2 to All on Tue Jan 19 21:50:02 2016
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3449-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 19, 2016 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : bind9
    CVE ID : CVE-2015-8704

    It was discovered that specific APL RR data could trigger an INSIST
    failure in apl_42.c and cause the BIND DNS server to exit, leading to a denial-of-service.

    For the oldstable distribution (wheezy), this problem has been fixed
    in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9.

    For the stable distribution (jessie), this problem has been fixed in
    version 1:9.9.5.dfsg-9+deb8u5.

    We recommend that you upgrade your bind9 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJWnp/jAAoJEAVMuPMTQ89E180QAIeJ/iEoF9HCtcUrkC0eBL/e /YXFKTW11jMzCGK6Q31jglKfs7DZzA67TxCi2fstwQqwlGON/mB/Nowc1ihF1aso k24emGiBLRHQxBvptKN6wMZYpqUMnNpVybhD6/CRsscH+5PsD5ZQ9yQcn+it4bx1 lkasndFxygkp7t2nZvgOD49oQHy/n82IVNiHumbiOag5PIEDYrTvMMfHBy/1TxNX Y6njcPdOV8/5zfvVMBo93i3lF32UzO2Bffm1uF4ye+Nm7BVZ3Q7hDf65U14sHQMR RF2jy+vsAHtBeyOLezrEZoPRZnj+C6aV+xfiTdxNUUpeoZ5sbbmgXJ0kUzgn7UoL q1nqf0ZrhZ2Ztj/mPBUSNCagjuM/8L1qe4AN4VF1+oAWtmODZiEk0jUDXpGNHARf p1wLHk0wlsAvj2rLlP2JnAup3J8XLdDSPCgQcyOrWWXK9lW5jWRATqxJw2EfSKrg asNjLKxZv6XlNPdw+AiA+91yX2MbktnFIZiK4f8vlFieSFNDmdKGT2ZDGkUvywLi pIsje6AcHAwL9dJ/eNzCraFRpnnEHB6WGsVuEvUsMh6udk+d3gyiFrAnlm1e7ojI b9rfBBNIMWmQ9EbHqBtBi7VDkNXQZB8KKPvzJdryqt2VZBxqTWL/tL6hmK+ChDIY yOfHZrumRzImPkp9GvF9
    =0lEC
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Ronald Schmidt@1:229/2 to Salvatore Bonaccorso on Wed Jan 20 23:40:01 2016
    XPost: linux.debian.security
    From: [email protected]

    --089e01177bc1e4b8a00529cb536a
    Content-Type: text/plain; charset=UTF-8

    unsubscribe

    Salvatore Bonaccorso <[email protected]> schrieb am Di., 19. Jan. 2016 um
    21:45 Uhr:

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3449-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 19, 2016 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : bind9
    CVE ID : CVE-2015-8704

    It was discovered that specific APL RR data could trigger an INSIST
    failure in apl_42.c and cause the BIND DNS server to exit, leading to a denial-of-service.

    For the oldstable distribution (wheezy), this problem has been fixed
    in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9.

    For the stable distribution (jessie), this problem has been fixed in
    version 1:9.9.5.dfsg-9+deb8u5.

    We recommend that you upgrade your bind9 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJWnp/jAAoJEAVMuPMTQ89E180QAIeJ/iEoF9HCtcUrkC0eBL/e /YXFKTW11jMzCGK6Q31jglKfs7DZzA67TxCi2fstwQqwlGON/mB/Nowc1ihF1aso k24emGiBLRHQxBvptKN6wMZYpqUMnNpVybhD6/CRsscH+5PsD5ZQ9yQcn+it4bx1 lkasndFxygkp7t2nZvgOD49oQHy/n82IVNiHumbiOag5PIEDYrTvMMfHBy/1TxNX Y6njcPdOV8/5zfvVMBo93i3lF32UzO2Bffm1uF4ye+Nm7BVZ3Q7hDf65U14sHQMR RF2jy+vsAHtBeyOLezrEZoPRZnj+C6aV+xfiTdxNUUpeoZ5sbbmgXJ0kUzgn7UoL q1nqf0ZrhZ2Ztj/mPBUSNCagjuM/8L1qe4AN4VF1+oAWtmODZiEk0jUDXpGNHARf p1wLHk0wlsAvj2rLlP2JnAup3J8XLdDSPCgQcyOrWWXK9lW5jWRATqxJw2EfSKrg asNjLKxZv6XlNPdw+AiA+91yX2MbktnFIZiK4f8vlFieSFNDmdKGT2ZDGkUvywLi pIsje6AcHAwL9dJ/eNzCraFRpnnEHB6WGsVuEvUsMh6udk+d3gyiFrAnlm1e7ojI b9rfBBNIMWmQ9EbHqBtBi7VDkNXQZB8KKPvzJdryqt2VZBxqTWL/tL6hmK+ChDIY yOfHZrumRzImPkp9GvF9
    =0lEC
    -----END PGP SIGNATURE-----

    --

    Ronald Schmidt ~ http://www.ronsc.de ~ Mobil: +49-172-7914458

    --089e01177bc1e4b8a00529cb536a
    Content-Type: text/html; charset=UTF-8
    Content-Transfer-Encoding: quoted-printable

    <div dir="ltr">unsubscribe<br><br><div class="gmail_quote"><div dir="ltr">Salvatore Bonaccorso &lt;<a href="mailto:[email protected]">[email protected]</a>&gt; schrieb am Di., 19. Jan. 2016 um 21:45 Uhr:<br></div><blockquote class="gmail_quote" style="
    margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
    Hash: SHA512<br>

    - -------------------------------------------------------------------------<br> Debian Security Advisory DSA-3449-1                   <a href="mailto:[email protected]" target="_blank">[email protected]</a><br>
    <a href="https://www.debian.org/security/" rel="noreferrer" target="_blank">https://www.debian.org/security/</a>                     Salvatore Bonaccorso<br>
    January 19, 2016                      <a href="https://www.debian.org/security/faq" rel="noreferrer" target="_blank">https://www.debian.org/security/faq</a><br>
    - -------------------------------------------------------------------------<br>

    Package        : bind9<br>
    CVE ID         : CVE-2015-8704<br>

    It was discovered that specific APL RR data could trigger an INSIST<br>
    failure in apl_42.c and cause the BIND DNS server to exit, leading to a<br> denial-of-service.<br>

    For the oldstable distribution (wheezy), this problem has been fixed<br>
    in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9.<br>

    For the stable distribution (jessie), this problem has been fixed in<br> version 1:9.9.5.dfsg-9+deb8u5.<br>

    We recommend that you upgrade your bind9 packages.<br>

    Further information about Debian Security Advisories, how to apply<br>
    these updates to your system and frequently asked questions can be<br>
    found at: <a href="https://www.debian.org/security/" rel="noreferrer" target="_blank">https://www.debian.org/security/</a><br>

    Mailing list: <a href="mailto:[email protected]" target="_blank">[email protected]</a><br>
    -----BEGIN PGP SIGNATURE-----<br>
    Version: GnuPG v1<br>


    [continued in next message]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)