Your message dated Tue, 7 Feb 2012 18:29:34 +0100
with message-id <20120207172933.ga29...@roeckx.be>
and subject line Re: BIND 9 Resolver crashes after logging an error in query.c
has caused the Debian Bug report #649099,
regarding BIND 9 Resolver crashes after logging an error in query.c
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
649099: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649099
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bind9
Version: 1:9.8.1.dfsg-1
Severity: serious
Tags: security upstream
As you have probably heard, someone has found a way to remotely crash a bind9
server:
http://isc.sans.edu/diary.html?storyid=12049
https://www.isc.org/software/bind/advisories/cve-2011-4313
A stopgap patch (9.8.1-p1) is available, and should presumably be included
in a Debian release ASAP.
Severity only "serious" because so far it appears to be only a DoS.
--- End Message ---
--- Begin Message ---
Version: 1:9.8.1.dfsg.P1-1
On Thu, Nov 17, 2011 at 11:08:48AM -0500, sacrificial-spam-addr...@horizon.com
wrote:
> Package: bind9
> Version: 1:9.8.1.dfsg-1
> Severity: serious
> Tags: security upstream
>
> As you have probably heard, someone has found a way to remotely crash a bind9
> server:
> http://isc.sans.edu/diary.html?storyid=12049
> https://www.isc.org/software/bind/advisories/cve-2011-4313
>
> A stopgap patch (9.8.1-p1) is available, and should presumably be included
> in a Debian release ASAP.
That has been uploaded, but this bug wasn't closed. Doing so now.
Kurt
--- End Message ---
