Your message dated Thu, 01 Aug 2013 19:17:37 +0000 with message-id <e1v4ynv-0003we...@franck.debian.org> and subject line Bug#717936: fixed in bind9 1:9.8.4.dfsg.P1-6+nmu2+deb7u1 has caused the Debian Bug report #717936, regarding bind9: CVE-2013-4854: A specially crafted query can cause BIND to terminate abnormally to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 717936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717936 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: bind9 Severity: grave Tags: security upstream patch Hi, the following vulnerability was published for bind9. CVE-2013-4854[0]: A specially crafted query can cause BIND to terminate abnormally See [1] for the upstream knowledge base entry. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-4854 [1] https://kb.isc.org/article/AA-01015/0 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: bind9 Source-Version: 1:9.8.4.dfsg.P1-6+nmu2+deb7u1 We believe that the bug you reported is fixed in the latest version of bind9, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 717...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated bind9 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Jul 2013 10:39:42 +0200 Source: bind9 Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-80 libdns88 libisc84 liblwres80 libisccc80 libisccfg82 dnsutils lwresd Architecture: source all amd64 Version: 1:9.8.4.dfsg.P1-6+nmu2+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: LaMont Jones <lam...@debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: bind9 - Internet Domain Name Server bind9-doc - Documentation for BIND bind9-host - Version of 'host' bundled with BIND 9.X bind9utils - Utilities for BIND dnsutils - Clients provided with BIND host - Transitional package libbind-dev - Static Libraries and Headers used by BIND libbind9-80 - BIND9 Shared Library used by BIND libdns88 - DNS Shared Library used by BIND libisc84 - ISC Shared Library used by BIND libisccc80 - Command Channel Library used by BIND libisccfg82 - Config File Handling Library used by BIND liblwres80 - Lightweight Resolver Library used by BIND lwresd - Lightweight Resolver Daemon Closes: 717936 Changes: bind9 (1:9.8.4.dfsg.P1-6+nmu2+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2013-4854: A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query. (Closes: #717936). Checksums-Sha1: f876e691440c8b694857c28ef518e997767022ca 2638 bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.dsc 3ab83667ab3ce2df6bdf558cc1e5a361fe5b539b 7258441 bind9_9.8.4.dfsg.P1.orig.tar.gz 81497ea523e93f274a1f92e146da9d52869794d5 672985 bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.diff.gz 3aef5ad132e643e96589da0fa0453e0b4378c15c 365052 bind9-doc_9.8.4.dfsg.P1-6+nmu2+deb7u1_all.deb 05b5e50700ec3fb2ad3ee884fc1da97ab4b068a1 20558 host_9.8.4.dfsg.P1-6+nmu2+deb7u1_all.deb 04e98e3c6dba64905d11726906d2c4ce6c0a942a 371058 bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb d988b632578df5f6330158dae6c4f8a22914c2b1 128006 bind9utils_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb eefd98365ad7f2c644e3cfec633dd4d8f0c3a978 73356 bind9-host_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 3fb980d052e08d4ea283fcba4f8bd31a23c8f63c 1580518 libbind-dev_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 5841b33d11d6cf5bd73290b5a1f9db066472ec3c 42248 libbind9-80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb e576d5f1ca435635ecae9e51f229b567d11b9bb2 750230 libdns88_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 0e4077b2b354124a82482585c1fb9e014a8d04a3 182500 libisc84_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 568048984219033156e7398dd40739059aa5d7d6 55200 liblwres80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 034ba88365cab4d877c6848d71aa122901bd0565 35924 libisccc80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb b37b7f57870d1dd1acff72d3b30a3fefbd6c986d 62760 libisccfg82_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb c744d756b099eab1e6440f0b8ec915251d7cddc7 166128 dnsutils_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 87daedf122678f5fb11c4d7922b5693f2899d5f0 252440 lwresd_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb Checksums-Sha256: 79439c2842ba2799a66f29673a7596eef3d2299b38195b47729cd5494f25087a 2638 bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.dsc de7b8ef3f5336ba2c19e7ad8cec618e1bf77fbd81cc2e45cc7f798544e843bdb 7258441 bind9_9.8.4.dfsg.P1.orig.tar.gz 2fcd0aec74b09ef8d56ce2ffe55094de282e65bc4cbeb6948cd9b3a1476fb829 672985 bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.diff.gz f7694032bd607e35e92974495dd3108576ffa77e81e70fc049f86212ae390e90 365052 bind9-doc_9.8.4.dfsg.P1-6+nmu2+deb7u1_all.deb 80c71a4e9dd75f19f3b134a544694abaa02ff751cd00dc7a91cfcc4461a93b53 20558 host_9.8.4.dfsg.P1-6+nmu2+deb7u1_all.deb 41dffd8ede902f809a20c274565654c3beaae57e7c52d16342f9291a1912e21b 371058 bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb c55da2b19709478809be3fff975e20f622ed12ce49a43cbad255694daf1b5c88 128006 bind9utils_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb f6f2271bbaeb34bac8c3c8efe8c858a26b1ffc826949f9b9235bef1faa92fddd 73356 bind9-host_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 3e226a731729bae94540a675d38d85b86e9e5ccd642672c4c44b96be77a26296 1580518 libbind-dev_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 0db781e7b35ccaa5841fd433d0a2574c7a79238030e36ec86c10cd4a5bfc814f 42248 libbind9-80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 247c7e1a67c64a59357b078cbd892d87f251d1e606e5479ab65340d281c89f83 750230 libdns88_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 4e8bb71db365ca0f04747623e252c97f7688f61a53b3d6b59e51fa6ff7c722c5 182500 libisc84_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb bc46a60a3d493be7753fb7006d3e0a5ea068143b85894e7298e2bcc52ea51dc1 55200 liblwres80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 3932b8af411bc1261f1bc54845e4f56f43c6373e413c53a227449871bc52bfd2 35924 libisccc80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb defa63cc8c7d0cfc7aa30d7211c8073cabafdab7e42e3d3fd275d8e6deb1a1cf 62760 libisccfg82_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 1af90894f42ad15b5fe2fb9b6e8caacbdabcb0010780a24fdfa8af9f828e6b6c 166128 dnsutils_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb dcada8d482a320492359b5b091ee8548a572e62ad3a862ae73347d0003069a52 252440 lwresd_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb Files: d070ffcc0ed62dde980b3b2321befe6a 2638 net optional bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.dsc 96f5c03a8b42d29519c8860bea5a8353 7258441 net optional bind9_9.8.4.dfsg.P1.orig.tar.gz 62e3d74f61bd21bc18c67fc067c14e63 672985 net optional bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.diff.gz 5a97a00d5c1577a9872dcd8d78c33407 365052 doc optional bind9-doc_9.8.4.dfsg.P1-6+nmu2+deb7u1_all.deb 280f118207a1238362df45729de972fd 20558 net standard host_9.8.4.dfsg.P1-6+nmu2+deb7u1_all.deb 4b93867cdf2d411823985a7666df649e 371058 net optional bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb eb99aee7f6527ebea9a32308fb8ff0bf 128006 net optional bind9utils_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 0227da20a6ed117dcf447a55bcfa2f89 73356 net standard bind9-host_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb c02c157c970102d4b38882b706156e5c 1580518 libdevel optional libbind-dev_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb d8a60b2f2405314a258f6439771a7db0 42248 libs standard libbind9-80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb c9015503627df62f64b915a4b5f03cb2 750230 libs standard libdns88_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 581da8164e8b9c0b9185cceef86b2aa7 182500 libs standard libisc84_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 0b06f012eb6c88f01957ac0679a0925a 55200 libs standard liblwres80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb e6e517223b78f864f341d8507e32358f 35924 libs optional libisccc80_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb cca202ad3bb2fe2b64fdee4db5e12a07 62760 libs optional libisccfg82_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb 247001ddd68d62ac0c4e817d0c6ea39b 166128 net standard dnsutils_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb a231a15aebf8c74cdca96e023552fb0d 252440 net optional lwresd_9.8.4.dfsg.P1-6+nmu2+deb7u1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJR84llAAoJEHidbwV/2GP+1M4P/3W6ZOInXiEs+zjT80EBINsz SffdI8VMBGL8yvg92PNoBxCgjE5VDan8b4MJJkU2bTMkYFMkJQYkxtXCgzivqm7y dteKzJqXeUGnrFZj/PGRFtM7UiHP0kh34UDiUHur3rEUuj7usMnBRFYS813614oU Cf5Ae8ddEWu4bIvfWC6BE3XOv4kkgeSmE4dfdWXtTjT33ENLDIQ05FK5TNkmD4rF VTCH9f3j6lO3MSpQ6R8EZSCbe8tcz9SFsDMEcz8RycEt3o/NTHMwQIdt9xDYr3o1 IBvQjdODefXtPWwoA0hleFUylN6E6FbrptpnkK4jB3bPsd1pXDnHOtu9CRdOclFL Tc6f94v738GHlGyCdwht7C4PdLKUwb2x6kpCKcRK05rxmSRaq/231HwM+y03G7un Kz8Nt1miWRAPZWaOe9b64kPR/EJmKDA5flTIMfpYjGRb33cRofhxTqA87IEw0WVC g3tpAgW587tiERFncJT+/BMt+BQduUgoR3e6HMI9U4559I7CAazlwXAV4VnjFyXO EEag7wPQ3wqWaR0zQrPkCXY7mFwM1rwCcdWktUUNz09Mu4zYd6DmRIsxuXILx6iR xAST+y1GfllmiiaCnJ8NO4ZmQ07rGKWzIY8K5y9M4IZl3s5K23ghnquCmYydCkct ilXrzofO8ZCU3rb1utwV =YjmQ -----END PGP SIGNATURE-----
--- End Message ---
