Package: bind9 Version: 1:9.10.3.dfsg.P4-10.1 Tags: security Severity: grave
ISC has released a security alert at <https://kb.isc.org/article/AA-01419> Relevant information from this report follows: CVE: CVE-2016-2776 Document Version: 2.0 Posting date: 2016-09-27 Program Impacted: BIND Versions affected: 9.0.x -> 9.8.x, 9.9.0->9.9.9-P2, 9.9.3-S1->9.9.9-S3, 9.10.0->9.10.4-P2, 9.11.0a1->9.11.0rc1 Severity: High Exploitable: Remotely Description: Testing by ISC has uncovered a critical error condition which can occur when a nameserver is constructing a response. A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that meets certain criteria. This assertion can be triggered even if the apparent source address isn't allowed to make queries (i.e. doesn't match 'allow-query'). Impact: All servers are vulnerable if they can receive request packets from any source.
