Bug#717936: marked as done (bind9: CVE-2013-4854: A specially crafted query can cause BIND to terminate abnormally)

Sat, 27 Jul 2013 09:06:28 -0700 

Your message dated Sat, 27 Jul 2013 16:03:10 +0000
with message-id <e1v36xa-00039g...@franck.debian.org>
and subject line Bug#717936: fixed in bind9 1:9.8.4.dfsg.P1-6+nmu3
has caused the Debian Bug report #717936,
regarding bind9: CVE-2013-4854: A specially crafted query can cause BIND to 
terminate abnormally
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
717936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717936
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: bind9
Severity: grave
Tags: security upstream patch

Hi,

the following vulnerability was published for bind9.

CVE-2013-4854[0]:
A specially crafted query can cause BIND to terminate abnormally

See [1] for the upstream knowledge base entry.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] http://security-tracker.debian.org/tracker/CVE-2013-4854
[1] https://kb.isc.org/article/AA-01015/0

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: bind9
Source-Version: 1:9.8.4.dfsg.P1-6+nmu3

We believe that the bug you reported is fixed in the latest version of
bind9, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 717...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <car...@debian.org> (supplier of updated bind9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 27 Jul 2013 10:24:07 +0200
Source: bind9
Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-80 
libdns88 libisc84 liblwres80 libisccc80 libisccfg82 dnsutils lwresd
Architecture: source all amd64
Version: 1:9.8.4.dfsg.P1-6+nmu3
Distribution: unstable
Urgency: high
Maintainer: LaMont Jones <lam...@debian.org>
Changed-By: Salvatore Bonaccorso <car...@debian.org>
Description: 
 bind9      - Internet Domain Name Server
 bind9-doc  - Documentation for BIND
 bind9-host - Version of 'host' bundled with BIND 9.X
 bind9utils - Utilities for BIND
 dnsutils   - Clients provided with BIND
 host       - Transitional package
 libbind-dev - Static Libraries and Headers used by BIND
 libbind9-80 - BIND9 Shared Library used by BIND
 libdns88   - DNS Shared Library used by BIND
 libisc84   - ISC Shared Library used by BIND
 libisccc80 - Command Channel Library used by BIND
 libisccfg82 - Config File Handling Library used by BIND
 liblwres80 - Lightweight Resolver Library used by BIND
 lwresd     - Lightweight Resolver Daemon
Closes: 717936
Changes: 
 bind9 (1:9.8.4.dfsg.P1-6+nmu3) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2013-4854: A specially crafted query that includes malformed rdata can
     cause named to terminate with an assertion failure while rejecting the
     malformed query. (Closes: #717936).
Checksums-Sha1: 
 22e3acae2fde0c76090f85e86f5bd17c433a9b43 2610 bind9_9.8.4.dfsg.P1-6+nmu3.dsc
 06006bd41f5541bf32644a2e21e6e77a23ce41cd 672973 
bind9_9.8.4.dfsg.P1-6+nmu3.diff.gz
 0898c86a9f43a8debbc97da0b9857d0964b68069 365034 
bind9-doc_9.8.4.dfsg.P1-6+nmu3_all.deb
 b06c353c52304604fe215b92395b8a02d924f23e 20544 
host_9.8.4.dfsg.P1-6+nmu3_all.deb
 b3e0ff59c00008fec146eec5d33d4e83878fc527 361990 
bind9_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 b7a8b34a1840f432269ac6e2b6b391ebc1ece458 125970 
bind9utils_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 d27308cec6d59fb36bdc2a47bed5b2e2bd9d083b 70784 
bind9-host_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 6bfe247ab52ff62bdef5aabbd1696ea48bf1cf5f 1581840 
libbind-dev_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 1d0bd6986b2ac5da79c48563a193812d79715031 42238 
libbind9-80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 b8f148fb1838635f6b8cd4d542b75b3faff051a4 751916 
libdns88_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 42e4deb7a8951fe0fd5cbd178102d5f6d8db9c31 177618 
libisc84_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 1ab495bd735f4116a51b1ad74d9b7bad2a94fbdf 54586 
liblwres80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 6d8d7912f0a2c633c4001b9ea49b2eab07f43ba7 35398 
libisccc80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 b0a8bd439d6a92a18919c3cb9de3d7de7f59f045 62146 
libisccfg82_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 361238f3e30d75bbd31ba346064904e269e10f22 160708 
dnsutils_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 a8f1ddb88061898df1ca77ede67a01b6b8a4b429 244794 
lwresd_9.8.4.dfsg.P1-6+nmu3_amd64.deb
Checksums-Sha256: 
 e6a8b8b54ffaa5a0e2efea285cab429bc70b8e2742505d82393ba7b03ae3eec6 2610 
bind9_9.8.4.dfsg.P1-6+nmu3.dsc
 00f570ebfbc8378b9c595b3479a286178708b7cc7ef9a218c77fafa3dd691598 672973 
bind9_9.8.4.dfsg.P1-6+nmu3.diff.gz
 749446a4add9d7a51f5270d06d200e49642a9d95a3af29f6d0999dd6f83a554c 365034 
bind9-doc_9.8.4.dfsg.P1-6+nmu3_all.deb
 7a1ba8ad5d14a9ba2786d3bfd999ef28f501ab3277e445088b73ebc47a811086 20544 
host_9.8.4.dfsg.P1-6+nmu3_all.deb
 6b30ecae215e26e86040149f2b4b67beedc10cee987343ba594d3d9252d76bcc 361990 
bind9_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 a9a3cca60a468736926154ebfaa9c613c2fb8414d1be330054a4577326443913 125970 
bind9utils_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 f7e8ece57e92fa8382f73b3e0ba52484b84ada34242a68e2b539301560d56fd8 70784 
bind9-host_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 11b11421b270f93430c14d5ed61b709ad52205a7039bfb457bf40c612ecab67c 1581840 
libbind-dev_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 02e20b7e0f622afb95bf92ab4f498d2879c2be77044594c18febc52c159d30ac 42238 
libbind9-80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 146ee81932a5b0ec34f7344a93f06425365756c6e7b779b36aa3b14bd33bacdc 751916 
libdns88_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 077dc437ca692c76af6d06eacc5c71f6763534bb3f61a7658f5f1f244db4b000 177618 
libisc84_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 cfd69b3de079bf384a3e9737f5254504969e37c5ca11da2b33179e0a1e6bfeca 54586 
liblwres80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 a97aa9deb7f5440c385a56385f27b57ad5539a97973eb8bb1e8f109f5347ef77 35398 
libisccc80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 93351927ddbfd8d62dc0cbb37cb0577088e21554056bdbbb339aba509a603f36 62146 
libisccfg82_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 41a59594224b953bde536183c4aeb8d25119d080ce8d80c50f4059d614c13d6f 160708 
dnsutils_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 3644a27f3696fae99f35a938b388be1f9068882d6e49708d4aa43fa185f2dc0f 244794 
lwresd_9.8.4.dfsg.P1-6+nmu3_amd64.deb
Files: 
 fb0e8ae529a51265fb195ada43b03c93 2610 net optional 
bind9_9.8.4.dfsg.P1-6+nmu3.dsc
 e0830160eed4f121f0281cac8948d173 672973 net optional 
bind9_9.8.4.dfsg.P1-6+nmu3.diff.gz
 e9b55a13629b2c5f296d9f26a6130ad6 365034 doc optional 
bind9-doc_9.8.4.dfsg.P1-6+nmu3_all.deb
 0ad376d60b12a44caf35fcbbd1b73e4f 20544 net standard 
host_9.8.4.dfsg.P1-6+nmu3_all.deb
 34c8ae79b90d4fd90438b18345cbccf5 361990 net optional 
bind9_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 481512030079c3b1b1fba9dd4d742482 125970 net optional 
bind9utils_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 8b2e849bca6a2e20a30ee2b4a5cda4f3 70784 net standard 
bind9-host_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 09eb36e01247a612d9e793d404dd2e13 1581840 libdevel optional 
libbind-dev_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 13112ee809789f0de7c963635b4821e1 42238 libs standard 
libbind9-80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 abaab44523d1d5299aeb12ff38912b11 751916 libs standard 
libdns88_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 5712bb8c0233e71fe48bc969ed3a99a6 177618 libs standard 
libisc84_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 b81644aefdf0d1d911a639d9c6fa721a 54586 libs standard 
liblwres80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 9e7923069246b90639c6c3cde3c25063 35398 libs optional 
libisccc80_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 f62a98ce8e0132823d1354331b85dfaf 62146 libs optional 
libisccfg82_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 ab4ec5d0db02bf70e3a1d921f8205dd0 160708 net standard 
dnsutils_9.8.4.dfsg.P1-6+nmu3_amd64.deb
 531f30e78012d1d77e6c6ec38c8def0f 244794 net optional 
lwresd_9.8.4.dfsg.P1-6+nmu3_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJR89IUAAoJEHidbwV/2GP+orsP/1+SVqwgA19CutIlKlqGwxmF
uekstqQNxUxR+swYum61CdgI76TLmWmxATaXse/D6aHONjFYbNi0umMWkdpAI7Fs
2AL1yFPF9cNncJb4ZRbjGtlg6R/duHCwPdMj6isgH/c3VydLthka19n7yl5o+D2+
JW2jNW0pKktHV+UPNjvEHvp8jWdNY9mYDnvHDlmd9vRCiz2InUIo83L6nK0LyYbs
bwdlJIvy5lNNZFw8i7OzUojGbBIyUurqST5SyO+SaasT2+kI6duVSnRCijSeSuWW
K2fwNQKkk9nL8qhjRfqW+lB8iPlJWpeD+xT27s5jxOU2/QX9uHKk0obRDXerTsaL
f0u48VICVR+QPj+lrL9Df01pdvNKQJP/KWW3Wc2RD3xclf9a1CyQ8pSN4NRjm3kf
Rr7JGNJ6fZ6Sb91VGGfwNY062uvYxrENbYLRKzWU7FsY0XYkQ47XhkzExQzvblu1
8glhqINu0zC84XXZKtZ2FB+nlRY8q+tfN6RmarCvfdygTx20UIEZgPM9OWEAvNHc
HMRHDUqkV3P10hki3X6K5CzC9Si9llrI5Sjq5gzF1vtXqV/C3eo7vOkkJa2AUrXm
1FonFhAu/33Fj2q7jSOsGqpPRNmrk3PxTdSds6unzJuVUtB5mAcaHC3CGy0Pseay
CKJTehkHM+JuA4D0WjKd
=V23k
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to