Package: bind9
Severity: grave
Tags: security
Justification: user security hole

Two security issues have been reported in Bind:
http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html

* If BIND, acting as a DNSSEC validating server, has two or more trust
  anchors configured in named.conf for the same zone (such as
  example.com) and the response for a record in that zone from the
  authoritative server includes a bad signature, the validating server
  will crash while trying to validate that query.

  -> This is CVE-2010-3762

* A flaw where the wrong ACL was applied was fixed. This flaw allowed
  access to a cache via recursion even though the ACL disallowed it.

  -> No CVE ID is available so far, but this issue only affects 9.7.2,
  so Squeeze/sid is not affected:
  https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html

Cheers,
        Moritz

-- System Information:
Architecture: amd64 (x86_64)
Shell: /bin/sh linked to /bin/bash
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
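An added example, not part of the original report and not ISC or Debian code: a check that reads named.conf text and lists zones with two or more trust anchors, the precondition given above for CVE-2010-3762. The function names and the sample configuration are constructed for illustration, and it assumes anchors are declared in trusted-keys or managed-keys statements in a single file, with views not distinguished.

```python
import re
from collections import Counter

# Comments are matched first so they can be dropped; quoted strings are matched
# whole so that "//" inside base64 key data is not mistaken for a comment.
TOKEN = re.compile(r'''
    (?P<comment>/\*.*?\*/|//[^\n]*|\#[^\n]*)
  | (?P<string>"[^"]*")
  | (?P<punct>[{};])
  | (?P<word>[^\s{};"]+)
''', re.S | re.X)
KEY_STATEMENTS = {"trusted-keys", "managed-keys"}

# Constructed sample input (key material is fake).
SAMPLE_CONF = '''
options { dnssec-validation yes; };
// trusted-keys { commented.example. 257 3 5 "AAAA"; };
trusted-keys {
    example.com.  257 3 5 "AwEAAc//constructed+key+one==";
    "Example.COM" 257 3 5 "AwEAAd/constructed/key/two==";
    example.net.  257 3 5 "AwEAAeconstructedkeythree==";
};
managed-keys { example.org. initial-key 257 3 5 "AwEAAfconstructedfour=="; };
'''

def normalise(zone):
    """Compare zone names case-insensitively and as fully qualified names."""
    return zone.strip('"').lower().rstrip(".") + "."

def trust_anchor_counts(conf_text):
    """Count trust anchor entries per zone across all key statements."""
    toks = [m.group() for m in TOKEN.finditer(conf_text)
            if m.lastgroup != "comment"]
    counts, i = Counter(), 0
    while i < len(toks) - 1:
        if toks[i] in KEY_STATEMENTS and toks[i + 1] == "{":
            i, entry = i + 2, []
            while i < len(toks) and toks[i] != "}":
                if toks[i] != ";":
                    entry.append(toks[i])
                elif entry:  # end of one key entry; its first token is the zone
                    counts[normalise(entry[0])] += 1
                    entry = []
                i += 1
        i += 1
    return counts

def zones_with_multiple_anchors(conf_text):
    return sorted(z for z, n in trust_anchor_counts(conf_text).items() if n >= 2)

if __name__ == "__main__":
    print(zones_with_multiple_anchors(SAMPLE_CONF))
```

A non-empty result means the configuration meets the precondition the report describes; files pulled in with include statements are not followed.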