Package: bind9
Tags: security
Severity: grave
A security relevant bug on all versions of bind9 has been discovered. Only
recursive servers are vulnerable. To mitigate the effects of a possible
attack it should be sufficient to set "minimal-responses yes;" in the
global "options {}" section.As information on that bug already leaked (and even got mailed to full-disclosure by Mandriva), I am reporting to the Debian bugtracker. See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166 and https://kb.isc.org/article/AA-00801 for details. best regards, Adi Kriegisch
signature.asc
Description: Digital signature
