Your message dated Sat, 10 Aug 2013 15:48:04 +0000 with message-id <e1v8boe-0000lg...@franck.debian.org> and subject line Bug#717936: fixed in bind9 1:9.7.3.dfsg-1~squeeze11 has caused the Debian Bug report #717936, regarding bind9: CVE-2013-4854: A specially crafted query can cause BIND to terminate abnormally to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 717936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717936 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: bind9 Severity: grave Tags: security upstream patch Hi, the following vulnerability was published for bind9. CVE-2013-4854[0]: A specially crafted query can cause BIND to terminate abnormally See [1] for the upstream knowledge base entry. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] http://security-tracker.debian.org/tracker/CVE-2013-4854 [1] https://kb.isc.org/article/AA-01015/0 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: bind9 Source-Version: 1:9.7.3.dfsg-1~squeeze11 We believe that the bug you reported is fixed in the latest version of bind9, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 717...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated bind9 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Jul 2013 11:09:40 +0200 Source: bind9 Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-60 libdns69 libisc62 liblwres60 libisccc60 libisccfg62 dnsutils lwresd Architecture: source all amd64 Version: 1:9.7.3.dfsg-1~squeeze11 Distribution: squeeze-security Urgency: high Maintainer: LaMont Jones <lam...@debian.org> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: bind9 - Internet Domain Name Server bind9-doc - Documentation for BIND bind9-host - Version of 'host' bundled with BIND 9.X bind9utils - Utilities for BIND dnsutils - Clients provided with BIND host - Transitional package libbind-dev - Static Libraries and Headers used by BIND libbind9-60 - BIND9 Shared Library used by BIND libdns69 - DNS Shared Library used by BIND libisc62 - ISC Shared Library used by BIND libisccc60 - Command Channel Library used by BIND libisccfg62 - Config File Handling Library used by BIND liblwres60 - Lightweight Resolver Library used by BIND lwresd - Lightweight Resolver Daemon Closes: 717936 Changes: bind9 (1:9.7.3.dfsg-1~squeeze11) squeeze-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2013-4854: A specially crafted query that includes malformed rdata can cause named to terminate with an assertion failure while rejecting the malformed query. (Closes: #717936). Checksums-Sha1: d74323210fa39ed961db98d3928b826d651b404f 2192 bind9_9.7.3.dfsg-1~squeeze11.dsc 94f8b2b4268879113bc9b68b7224180bec816776 606490 bind9_9.7.3.dfsg-1~squeeze11.diff.gz e3175551d6263a184d0c83014d69099a7ae719ae 345172 bind9-doc_9.7.3.dfsg-1~squeeze11_all.deb 2b01d1acf9c490d9dbcb87261a3785cf70b63cc6 18542 host_9.7.3.dfsg-1~squeeze11_all.deb 10ddd695a705a558089ccab02e72c948e4973dcd 359984 bind9_9.7.3.dfsg-1~squeeze11_amd64.deb 518e9f5593e6946c01d42243d71edfdb57d8d068 126446 bind9utils_9.7.3.dfsg-1~squeeze11_amd64.deb c6fe39f3137aa9b8820fff3b4deb2b7d7e5f49b0 71632 bind9-host_9.7.3.dfsg-1~squeeze11_amd64.deb 1228b94178888b21545cfc74f2a785601f0e1498 1500020 libbind-dev_9.7.3.dfsg-1~squeeze11_amd64.deb 5a43696d961c9d2a2de6153f8947628461afc435 38790 libbind9-60_9.7.3.dfsg-1~squeeze11_amd64.deb 5d2900ec20cf3c0aee4d4e13da2e6cea9af79d00 708800 libdns69_9.7.3.dfsg-1~squeeze11_amd64.deb 60d348f4237eeb7636601c1f26f3d479b91cd02e 175084 libisc62_9.7.3.dfsg-1~squeeze11_amd64.deb 562f9e98c8186f4da0027bec4bfd1336739f4777 52372 liblwres60_9.7.3.dfsg-1~squeeze11_amd64.deb 7c4200e6e33ff551c4569a0d7b4d477be7b2f33a 33312 libisccc60_9.7.3.dfsg-1~squeeze11_amd64.deb 6452d3a41389285ab31aa6d25413cc306d9c536f 57544 libisccfg62_9.7.3.dfsg-1~squeeze11_amd64.deb 4949fb68eb6cb15193b67ca2516efc46f16af984 164914 dnsutils_9.7.3.dfsg-1~squeeze11_amd64.deb b46888389a6cfff9c58f74a615862e674c3a6d82 243478 lwresd_9.7.3.dfsg-1~squeeze11_amd64.deb Checksums-Sha256: 72a65ca3e168719d7e80c4d746326f466aae87ff874ddd672a97edbc39d52bc1 2192 bind9_9.7.3.dfsg-1~squeeze11.dsc 3363513d85f0fa2851e2637d8eb2abd3a023cf4447f7cdbcd06450fc76e47e9b 606490 bind9_9.7.3.dfsg-1~squeeze11.diff.gz b5dd2967fb6eac3710029dfb6834904760a2326558a210d214f817e1a2a73cd1 345172 bind9-doc_9.7.3.dfsg-1~squeeze11_all.deb 899bb761de0c0ac1260eaf7913262fc52740a15eca8c95c06cd3ba30685365f0 18542 host_9.7.3.dfsg-1~squeeze11_all.deb e375dc1cb920e2f00f2b6a4ca531b4a55f3b7e9fd97381aff88928459781af5f 359984 bind9_9.7.3.dfsg-1~squeeze11_amd64.deb 866143c031b598be41d377093a3950f32d54e26536e23d2508e7d88163113a23 126446 bind9utils_9.7.3.dfsg-1~squeeze11_amd64.deb 0b48a97009cc6f20242f43faaf32c1e2df447d53b12ac68e9e54814171db371a 71632 bind9-host_9.7.3.dfsg-1~squeeze11_amd64.deb a0a9bb18c53d8efa9acb9b6b1c2b9c17b2023d535d18e014eac77aa3bda10c1d 1500020 libbind-dev_9.7.3.dfsg-1~squeeze11_amd64.deb 0903205c834e9be31d245bb35e8d0271e2c732c2b7904016b3204c020f4fb84d 38790 libbind9-60_9.7.3.dfsg-1~squeeze11_amd64.deb 52092272bd6ebbcf546d8959958db506edba81c0dac47956e1ffbbe223e4b01c 708800 libdns69_9.7.3.dfsg-1~squeeze11_amd64.deb 2f62fb3e3b03c1e2ff4f8f738da9f05d2f6329c207ce2927aee95d10db043193 175084 libisc62_9.7.3.dfsg-1~squeeze11_amd64.deb a6c17c0f070ee6a0f2695cf4ddb2ecdc2722a64e97f6160377125da1687612e0 52372 liblwres60_9.7.3.dfsg-1~squeeze11_amd64.deb 9da68228675ef723a0233acb462d2061b87bc12ec6aa569d669852ed2ae6085c 33312 libisccc60_9.7.3.dfsg-1~squeeze11_amd64.deb 2cd987ad55b36b000bfd6980804856a2b87845f2bc6a2b737d0098fd2eb9701e 57544 libisccfg62_9.7.3.dfsg-1~squeeze11_amd64.deb cc3f581a54ece9b53ae013776ee174e8970e2b36ded9183221f2752e2d9e9659 164914 dnsutils_9.7.3.dfsg-1~squeeze11_amd64.deb 41e59a581e1a3d17961dd15805f0fcc58eea544a186f53ec2bb78b05de977632 243478 lwresd_9.7.3.dfsg-1~squeeze11_amd64.deb Files: 22a0322c6605de70ab096f0327555c9d 2192 net optional bind9_9.7.3.dfsg-1~squeeze11.dsc 046463197e23ca9cee81bec51d775254 606490 net optional bind9_9.7.3.dfsg-1~squeeze11.diff.gz 148395a02924ac286d13d9eb62936038 345172 doc optional bind9-doc_9.7.3.dfsg-1~squeeze11_all.deb 7e809f7cd4b3dec2e44f0de93c0d0fa4 18542 net standard host_9.7.3.dfsg-1~squeeze11_all.deb 40a7535daab2aaf2020e9a183de39d64 359984 net optional bind9_9.7.3.dfsg-1~squeeze11_amd64.deb 39c98c9a592408a122302a3c579914d3 126446 net optional bind9utils_9.7.3.dfsg-1~squeeze11_amd64.deb 90ed16e7ac9c7a8dcba3c7b4a882ff7f 71632 net standard bind9-host_9.7.3.dfsg-1~squeeze11_amd64.deb 069251fccb6c6bf4769c17b047bb5357 1500020 libdevel optional libbind-dev_9.7.3.dfsg-1~squeeze11_amd64.deb c3d26d7ad31ce5141b55b60c92ca296c 38790 libs standard libbind9-60_9.7.3.dfsg-1~squeeze11_amd64.deb 48b6f2c0160dec8e50f337535fe750e1 708800 libs standard libdns69_9.7.3.dfsg-1~squeeze11_amd64.deb 30bdb95be91d9b6b72df3caaeb9238b8 175084 libs standard libisc62_9.7.3.dfsg-1~squeeze11_amd64.deb 2dee783819f5699f7fcfeccffdd7575a 52372 libs standard liblwres60_9.7.3.dfsg-1~squeeze11_amd64.deb 855139493c00d0413d82853b8b3688d2 33312 libs optional libisccc60_9.7.3.dfsg-1~squeeze11_amd64.deb d523d5491cf713628fe2aa01553c0f58 57544 libs optional libisccfg62_9.7.3.dfsg-1~squeeze11_amd64.deb 35e2b6071e6791f084c18afcab942ba7 164914 net standard dnsutils_9.7.3.dfsg-1~squeeze11_amd64.deb fb078ad30d430e09739a71fb690076e9 243478 net optional lwresd_9.7.3.dfsg-1~squeeze11_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJR84/UAAoJEHidbwV/2GP+g5YP/1r6M7w6wPreBg/Aw1Ul78lw NKaXwURwr9ehD79GO4m3dyFtei8mRHocMdZTGB2lJxeY6dmZSqwKDN57B0/PCNLN EukmQUtWYZYYepJLIdqHGCbM8+b+BmGMDuXool12RyiO5XufYQoqD4n+vxBfmUHc Tag8iucAsbei+IHwmZ2WNnX2lm55nEJNvf1m8kUSi8xF3IK+Qe6O6up6SUGycXlo MBMjqoGMn8LGJNvaZKl1RTDuqCpPBJqESNZGOaaZlz1HnJzHVYtOYUAyLOW2qzsa QWT7HkZniQPJ7ThFxWbWH/T2lWDIyoswQSJg6q/nCKXa6lLZymhP02YG7t0zM5lJ Yo/ae51e+zxWqTyXUHQDzWfzk9Kpu4/bmJOOAx4xodGWQtHaQTqv25+W/ZZVBQot 2zQR9+N0ke/payDl1aKv7yItQkzg79TibcHXJ/JmJPuQ05M3G7cep+050a1+42iS 8zJE2hrciaEY+3beRl2toMK8YpKFcc4+SdfDO7FXTntI4Oa1y/dQGEoajNXolQ72 qxC8bMzp3fgoEnl8ojq4mP3xw3jUI4Oe/3+1L5sG/MYHiRmXTa/Cb1brT5ijPNBF rh6C5jHCH5LYOD+MXDj4tDIhVeKYeIjBJxzAm8tBFaEm8ZVeifUN/MEu8z+Yke1K BkEqUjXJbl876VoK6/yR =pRKu -----END PGP SIGNATURE-----
--- End Message ---
