[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 163-1] bind9 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : bind9
Version        : 1:9.7.3.dfsg-1~squeeze14
CVE ID         : CVE-2015-1349
Debian Bug     : 778733

Jan-Piet Mens discovered that the BIND DNS server would crash when
processing an invalid DNSSEC key rollover, either due to an error on
the zone operator's part, or due to interference with network traffic
by an attacker.  This issue affects configurations with the directives
"dnssec-validation auto;" (as enabled in the Debian default
configuration) or "dnssec-lookaside auto;".

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJU819JXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHeOoP/ihw6mf2zFmZkAMhZqpNfcf3
wbHm+XERzg0XHQ32lb9CFzOu2Wga9rvJi2CNRTktNPjsyGNz54yzC5SDwbd4kFfV
gD5exb/YKnpZ+xeI7DMaBmm+1s1XYA1xpiMNjGaVuKn6+xNj7trPqkqu1iub3Go/
4Zk/2DZmfZKr0UDyarZIO6rccUy++wMnepz8vdPd5O3f9YwXhnNi3bc3hwqFU0h8
h1lYxC3vo/HeLE1xoync7xbkdSyRcKBvsDrBv75yGDYS1INCOCnbtYB6SncCpA7I
xWO0gqkOb+E2pS+vhz7DGv99RssLDOgqp5XfC5ki0+SEPQ7SuKJoR16yqxflwWa6
aiWj8CIEC+B6q3kFZtCwTd+L1YuTYVvhiZK7QY/ZHqwea3mV10ZpGpFFGL3YnNhr
SgYm/4+ftFA/7Kz5p9KKpdsyacG+Fge9GZBCZKoIsj6Auk5+miEciaKTN02k/Zrj
K6aOLp47DLi9OncQxQj5CPq6K6gnvFw6cy7kYkqS2870+EFNqUH1Q5nu6ww0Ba2o
lJ8te6hnxtjARDvWQjwOF6Iy3vfx/PHHJNW+WTvmNdktOu/1+TX5ZD7HmjbyK9lV
hyeFhmY8t6HnLFPrAvKod/kqwbOfIFvi2J8W0lOgaU6pym4njnYY/D6DXxwlXDZv
nfg7TQ6KMwhY3Zp56ybo
=w8py
-----END PGP SIGNATURE-----


Reply to: