Debian Security Advisory
DLA-48-1 bind9 -- LTS security update
- Date Reported:
- 05 Sep 2014
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 735190.
In Mitre's CVE dictionary: CVE-2014-0591.
- More information:
Fix denial of service attack when processing NSEC3-signed zone queries, fixed by not calling memcpy with overlapping ranges in bin/named/query.c. - patch backported from 9.8.6-P2 by Marc Deslauriers from the Ubuntu Security team for USN-2081-1.
For Debian 6
Squeeze, these issues have been fixed in bind9 version 9.7.3.dfsg-1~squeeze12