Bug#905973: marked as done (bind9: CVE-2018-5740)

Debian Bug Tracking System Fri, 25 Nov 2022 14:57:21 -0800

Your message dated Fri, 25 Nov 2022 23:54:32 +0100
with message-id <y4fhqoj1j7rfq...@fliwatuet.svr02.mucip.net>
and subject line Closing fixed bugs
has caused the Debian Bug report #905743,
regarding bind9: CVE-2018-5740
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
905743: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905743
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: bind9
Version: 1:9.10.3.dfsg.P4-12.3+deb9u4
Severity: important

Dear Maintainer,


https://kb.isc.org/article/AA-01639/0 worries me a lot.
I don't think not using deny-answer-aliases is really an option,
as this would lead to other security issues.


Regards,
Rob


-- System Information:
Debian Release: 9.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-7-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages bind9 depends on:
ii  adduser                3.115
ii  bind9utils             1:9.10.3.dfsg.P4-12.3+deb9u4
ii  debconf [debconf-2.0]  1.5.61
ii  init-system-helpers    1.48
ii  libbind9-140           1:9.10.3.dfsg.P4-12.3+deb9u4
ii  libc6                  2.24-11+deb9u3
ii  libcap2                1:2.25-1
ii  libcomerr2             1.43.4-2
ii  libdns162              1:9.10.3.dfsg.P4-12.3+deb9u4
ii  libgeoip1              1.6.9-4
ii  libgssapi-krb5-2       1.15-1+deb9u1
ii  libirs141              1:9.10.3.dfsg.P4-12.3+deb9u4
ii  libisc160              1:9.10.3.dfsg.P4-12.3+deb9u4
ii  libisccc140            1:9.10.3.dfsg.P4-12.3+deb9u4
ii  libisccfg140           1:9.10.3.dfsg.P4-12.3+deb9u4
ii  libk5crypto3           1.15-1+deb9u1
ii  libkrb5-3              1.15-1+deb9u1
ii  liblwres141            1:9.10.3.dfsg.P4-12.3+deb9u4
ii  libssl1.0.2            1.0.2l-2+deb9u3
ii  libxml2                2.9.4+dfsg1-2.2+deb9u2
ii  lsb-base               9.20161125
ii  net-tools              1.60+git20161116.90da8a0-1
ii  netbase                5.4

bind9 recommends no packages.

Versions of packages bind9 suggests:
ii  bind9-doc   1:9.10.3.dfsg.P4-12.3+deb9u4
ii  dnsutils    1:9.10.3.dfsg.P4-12.3+deb9u4
pn  resolvconf  <none>
pn  ufw         <none>

-- Configuration Files:
/etc/bind/db.root changed [not included]
/etc/bind/named.conf changed [not included]

-- debconf information:
  bind9/start-as-user: bind
  bind9/different-configuration-file:
  bind9/run-resolvconf: false

--- End Message ---

--- Begin Message ---
Closing bugs that have already been fixed in stable or unstable
signature.asc
Description: PGP signature

--- End Message ---

Bug#905973: marked as done (bind9: CVE-2018-5740)

Reply via email to