[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1255-1] bind9 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : bind9
Version        : 1:9.8.4.dfsg.P1-6+nmu2+deb7u19
CVE ID         : CVE-2017-3145


Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server
implementation, was improperly sequencing cleanup operations, leading in
some cases to a use-after-free error, triggering an assertion failure
and crash in named.


For Debian 7 "Wheezy", these problems have been fixed in version
1:9.8.4.dfsg.P1-6+nmu2+deb7u19.

We recommend that you upgrade your bind9 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJaZQnDXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHQJIP/AgfnjKVtxv+b0yOi8ivRVEa
lSFTUkEU6d5u8OWaqlV2Zt47hjWLbpX+smQ32Kx63ctNNV12E0BKQn3/BZKfweqV
/3LNeDSV94scrFJIcdJAHpjjAaT3/6JWmu5LMxYRfpS0FBbJNcHsOqMZ3yB71qTx
0cRcUJ9DBLJtk+udcKei+6fjb3QRmetclHzxfA2H0LqclZX6ZxNmOKBhyaCKM2kb
exHaZW6xI+2FBzWRr/36mrG6TwmqbmOIgk5f3bL7A4cWbJgYmiQGc1TNonfGlp7C
Xja6q9JjShHDy271togsS/npaU7vkjvqt+aavKfVVt2/P5zvgjebTQPeee+xKWJd
V/7TWubDKG1FTTKoxcZrhBNquGHpWxppNlP+LTa5zqnBEvEGkfr3SJALdOvBB3qr
91KwmLlEFfEwMQgoGEra3RFHLm7SCWVvVNIaQ+8siP+OEIlP723P2lXbe0yM6HAi
KuiKWPMvQLjdUbR1JoxpYDeSUkRhGlKsqlFdOLZmUu1+PSW0Qj03+GfQQm0ED89q
N7qslSZKhYAg0cAeH9XdwSRWdGlMmQFImLLPVFUU16BWtj+i7EGo4HGLqekp8EPl
YodmAglh1RHvb6zRujqAdX/vUspGJ74ulnp1OTJsFxNwPFOTaCPqlFRcrXzmNa+C
xpble+84A/Z4azzHlasp
=MbUr
-----END PGP SIGNATURE-----
Reply to: