Source: bind9 Version: 1:9.9.5.dfsg-9 Severity: important Tags: security upstream
Hi, the following vulnerability was published for bind9. CVE-2016-6170[0]: | ISC BIND through 9.10.4-P1 allows primary DNS servers to cause a | denial of service (secondary DNS server crash) via a large AXFR | response, and possibly allows IXFR servers to cause a denial of | service (IXFR client crash) via a large IXFR response and allows | remote authenticated users to cause a denial of service (primary DNS | server crash) via a large UPDATE message. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-6170 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1353563 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
