Bug#839010: marked as done (bind9: CVE-2016-2776: Assertion failure in query processing)

Mon, 03 Oct 2016 15:06:47 -0700 

Your message dated Mon, 03 Oct 2016 22:03:06 +0000
with message-id <e1brbke-0007yv...@franck.debian.org>
and subject line Bug#839010: fixed in bind9 1:9.9.5.dfsg-9+deb8u7
has caused the Debian Bug report #839010,
regarding bind9: CVE-2016-2776: Assertion failure in query processing
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
839010: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839010
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: bind9
Version: 1:9.10.3.dfsg.P4-10.1
Tags: security
Severity: grave

ISC has released a security alert at

  <https://kb.isc.org/article/AA-01419>

Relevant information from this report follows:

CVE:                   CVE-2016-2776
Document Version:      2.0
Posting date:          2016-09-27
Program Impacted:      BIND
Versions affected:     9.0.x -> 9.8.x, 9.9.0->9.9.9-P2, 9.9.3-S1->9.9.9-S3,
                       9.10.0->9.10.4-P2, 9.11.0a1->9.11.0rc1
Severity:              High
Exploitable:           Remotely

Description:

   Testing by ISC has uncovered a critical error condition which
   can occur when a nameserver is constructing a response.  A defect
   in the rendering of messages into packets can cause named to
   exit with an assertion failure in buffer.c while constructing a
   response to a query that meets certain criteria.

   This assertion can be triggered even if the apparent source
   address isn't allowed to make queries (i.e. doesn't match
   'allow-query').

Impact:

   All servers are vulnerable if they can receive request packets from
any source.

--- End Message ---
--- Begin Message --- 
Source: bind9
Source-Version: 1:9.9.5.dfsg-9+deb8u7

We believe that the bug you reported is fixed in the latest version of
bind9, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 839...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Florian Weimer <f...@deneb.enyo.de> (supplier of updated bind9 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 27 Sep 2016 19:46:00 +0200
Source: bind9
Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-90 
libdns100 libisc95 liblwres90 libisccc90 libisccfg90 dnsutils lwresd 
libbind-export-dev libdns-export100 libdns-export100-udeb libisc-export95 
libisc-export95-udeb libisccfg-export90 libisccfg-export90-udeb libirs-export91 
libirs-export91-udeb
Architecture: source all amd64
Version: 1:9.9.5.dfsg-9+deb8u7
Distribution: jessie-security
Urgency: high
Maintainer: LaMont Jones <lam...@debian.org>
Changed-By: Florian Weimer <f...@deneb.enyo.de>
Description:
 bind9      - Internet Domain Name Server
 bind9-doc  - Documentation for BIND
 bind9-host - Version of 'host' bundled with BIND 9.X
 bind9utils - Utilities for BIND
 dnsutils   - Clients provided with BIND
 host       - Transitional package
 libbind-dev - Static Libraries and Headers used by BIND
 libbind-export-dev - Development files for the exported BIND libraries
 libbind9-90 - BIND9 Shared Library used by BIND
 libdns-export100 - Exported DNS Shared Library
 libdns-export100-udeb - Exported DNS library for debian-installer (udeb)
 libdns100  - DNS Shared Library used by BIND
 libirs-export91 - Exported IRS Shared Library
 libirs-export91-udeb - Exported IRS library for debian-installer (udeb)
 libisc-export95 - Exported ISC Shared Library
 libisc-export95-udeb - Exported ISC library for debian-installer (udeb)
 libisc95   - ISC Shared Library used by BIND
 libisccc90 - Command Channel Library used by BIND
 libisccfg-export90 - Exported ISC CFG Shared Library
 libisccfg-export90-udeb - Exported ISC CFG library for debian-installer (udeb)
 libisccfg90 - Config File Handling Library used by BIND
 liblwres90 - Lightweight Resolver Library used by BIND
 lwresd     - Lightweight Resolver Daemon
Closes: 831796 839010
Changes:
 bind9 (1:9.9.5.dfsg-9+deb8u7) jessie-security; urgency=high
 .
   * CVE-2016-2775: lwresd crash with long query name.
     Backport of upstream commit 38cc2d14e218e536e0102fa70deef99461354232.
     Closes: #831796.
   * CVE-2016-2776: assertion failure due to unspecified crafted query.
     Fix based on 43139-9-9.patch from ISC.  Closes: #839010.
Checksums-Sha1:
 59538c1b3bd16b405ee8643faecd56276612bb4c 3116 bind9_9.9.5.dfsg-9+deb8u7.dsc
 20df2c3491f36787547e18bbc06b3e6c25845154 121116 
bind9_9.9.5.dfsg-9+deb8u7.diff.gz
 e6d91efa2476ed6d911299668f8fa2413fc85e04 338634 
bind9-doc_9.9.5.dfsg-9+deb8u7_all.deb
 f110441cfca25acf6eae31392a49c2526e1ed944 23326 host_9.9.5.dfsg-9+deb8u7_all.deb
 51faace2d1c5079bb8334d36385f1cb821770709 314658 
bind9_9.9.5.dfsg-9+deb8u7_amd64.deb
 f45539818ade2126e3728df8e2064dae78d31e57 167200 
bind9utils_9.9.5.dfsg-9+deb8u7_amd64.deb
 163346f61748de37578208b408456e9e72d990f3 67456 
bind9-host_9.9.5.dfsg-9+deb8u7_amd64.deb
 251c9c6ad595c1acdb43340a9bfc7e457ccb62b3 1230914 
libbind-dev_9.9.5.dfsg-9+deb8u7_amd64.deb
 d3413c2dafbc4e191b7ecb7037b6d26046499d0d 43034 
libbind9-90_9.9.5.dfsg-9+deb8u7_amd64.deb
 6f5881ebbfccc659337f110e23e576735cc32240 679836 
libdns100_9.9.5.dfsg-9+deb8u7_amd64.deb
 f24f6654ba5d85594867f3f0bf50438da4943eb9 168084 
libisc95_9.9.5.dfsg-9+deb8u7_amd64.deb
 49da22e059c3ce31b552259802049b3638686722 52678 
liblwres90_9.9.5.dfsg-9+deb8u7_amd64.deb
 f5152e9902d7e76e925f098c2328603b08f578aa 36326 
libisccc90_9.9.5.dfsg-9+deb8u7_amd64.deb
 3aa4b9f97741e44048cd7deda002bb81c3339599 56894 
libisccfg90_9.9.5.dfsg-9+deb8u7_amd64.deb
 68fe2588ed8a28c2844c27ac239e1aaf27f2d645 118648 
dnsutils_9.9.5.dfsg-9+deb8u7_amd64.deb
 21fdf3458a56e93d22ab4dd58f6afd378ed20517 231210 
lwresd_9.9.5.dfsg-9+deb8u7_amd64.deb
 6539f2b30336e414415e164f6b8f9d9ba8ea3247 829602 
libbind-export-dev_9.9.5.dfsg-9+deb8u7_amd64.deb
 7d0e52077c26c2137cd7ba520324ffa7b2e11806 456102 
libdns-export100_9.9.5.dfsg-9+deb8u7_amd64.deb
 25910d94089284a4a6cfcc0e4c93fde3dec99d89 434026 
libdns-export100-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 492c1807ff63d2509e5b673b1d0d24ec9eb14456 140402 
libisc-export95_9.9.5.dfsg-9+deb8u7_amd64.deb
 4945cb9ef81a5597fe8398e19f503d75a12cc017 117278 
libisc-export95-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 06f4ec52ddc936d23c04138210d3de9b471ecd41 40522 
libisccfg-export90_9.9.5.dfsg-9+deb8u7_amd64.deb
 22f340c006b83e7a0197ef2d9a8cb91df95a6aa9 17570 
libisccfg-export90-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 ec3412ad354be63238f7e9b321e9faaac46b96c9 38234 
libirs-export91_9.9.5.dfsg-9+deb8u7_amd64.deb
 69200cc524956e99ddfb2b509cf4c3edbdfa9d34 15360 
libirs-export91-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
Checksums-Sha256:
 b726f8405202216606066177f75a451a4149bef222756ade2dbcd3146411374e 3116 
bind9_9.9.5.dfsg-9+deb8u7.dsc
 7f4132b821afb96d247190866a58a3cf60ec55ac958c06d4bdfc126a77c393fc 121116 
bind9_9.9.5.dfsg-9+deb8u7.diff.gz
 19b6d0cffbbaeb769b0cb385b610fcff6f462adbcb25cdeea0a07651c9f98f29 338634 
bind9-doc_9.9.5.dfsg-9+deb8u7_all.deb
 326ec7bbea0f2576147f34a52cdafa8ab5e7432de640c42ef3c2124aaf23f880 23326 
host_9.9.5.dfsg-9+deb8u7_all.deb
 34e65cebadefee898339c9496cdc7d29849cd154344dcf8b7ef6cd1bbfdcdbdc 314658 
bind9_9.9.5.dfsg-9+deb8u7_amd64.deb
 69d819363039bb8c7706742b695bbc9a164b9b9ff515c91e6f809f1433676506 167200 
bind9utils_9.9.5.dfsg-9+deb8u7_amd64.deb
 e2f9ed4a7c1fb9f65c63eb71ae1790bbefb448da8af66893766dc54ce0cf6880 67456 
bind9-host_9.9.5.dfsg-9+deb8u7_amd64.deb
 469043db169474f901c8bbbf902d372f313c8799ce2ea9c487079d6486c4af06 1230914 
libbind-dev_9.9.5.dfsg-9+deb8u7_amd64.deb
 92f22ab5d0178ac8ef4fcb9f0ef0ba53690ba1b4ca95abcb7a98a228d697a533 43034 
libbind9-90_9.9.5.dfsg-9+deb8u7_amd64.deb
 4c66036789a773b0c4f187872f10c5baaff94a1f55f6488fe6aa0cfa6385f641 679836 
libdns100_9.9.5.dfsg-9+deb8u7_amd64.deb
 33dcf05d7d6e30501bccc98daed5a67afd8f912a1e9d8fd6b7bea8761ea39fcd 168084 
libisc95_9.9.5.dfsg-9+deb8u7_amd64.deb
 fcc1875ffb610f75f6b8b0541ac3c255084297de0b632a608baa333907232ddf 52678 
liblwres90_9.9.5.dfsg-9+deb8u7_amd64.deb
 b17f8172454b8ab6984aafee2b6463bb86913c887ec58551f43df89860b9b9b8 36326 
libisccc90_9.9.5.dfsg-9+deb8u7_amd64.deb
 b1762c0a6343dbfd382648f919736c83b7a74c6f0437f514dfc7a76297db348f 56894 
libisccfg90_9.9.5.dfsg-9+deb8u7_amd64.deb
 eb98359e9a45af8e56809d265dbc717a51d0afd5c829030cab038a7bbb27f8b0 118648 
dnsutils_9.9.5.dfsg-9+deb8u7_amd64.deb
 305972bb8e72633594964e4ef4d83fcfff145d4a8e0f7d104321d412d4d0129b 231210 
lwresd_9.9.5.dfsg-9+deb8u7_amd64.deb
 2959c6df75b505b7fbbecf95a52afd4db054c7b0839949394e13be333091b76c 829602 
libbind-export-dev_9.9.5.dfsg-9+deb8u7_amd64.deb
 9107b493e60f1e009aafa56ab58a4dd807f4bb87304f754596db96e662014a61 456102 
libdns-export100_9.9.5.dfsg-9+deb8u7_amd64.deb
 9b7a437abbad8b7752c402da174f2a61fe51a41926faf7e70c1b8ec8a1c107e6 434026 
libdns-export100-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 3ce19741cffac901f49962986ffe3ea7ad7fed460c5dec04af7d250d2d118305 140402 
libisc-export95_9.9.5.dfsg-9+deb8u7_amd64.deb
 8ed1130e052e7902a099ecc0e50e166336186da0833c6c884514f735adccc5ab 117278 
libisc-export95-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 9cf944a6ae4e64f40a062ac53e7abf8cedbb2ff54c1753811ce37d506dfabb37 40522 
libisccfg-export90_9.9.5.dfsg-9+deb8u7_amd64.deb
 53657520a8f392d1e26313b104d46b68b2105d7da32bee8003bb74eedfd86a5d 17570 
libisccfg-export90-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 6500fd13a1061512ef6c55451bc8475b52d14907cbe76b694f72df1b55a1d312 38234 
libirs-export91_9.9.5.dfsg-9+deb8u7_amd64.deb
 938dfa12723de337c9646b0cf520210535f8091b52c238d01a33861253e635fd 15360 
libirs-export91-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
Files:
 fffc418805dc32e50faac2e00bc68c0e 3116 net optional 
bind9_9.9.5.dfsg-9+deb8u7.dsc
 bc98e55116ada5b82d39e197123c1438 121116 net optional 
bind9_9.9.5.dfsg-9+deb8u7.diff.gz
 2b48c1c8f31d93e9152c702a8a314c3e 338634 doc optional 
bind9-doc_9.9.5.dfsg-9+deb8u7_all.deb
 6bcee4d09a8b4615baba098b729b5e5e 23326 net standard 
host_9.9.5.dfsg-9+deb8u7_all.deb
 b292a13c010f30755f108697152f05b8 314658 net optional 
bind9_9.9.5.dfsg-9+deb8u7_amd64.deb
 666ea1d2166ec0c85f3a473e5a9ef6a8 167200 net optional 
bind9utils_9.9.5.dfsg-9+deb8u7_amd64.deb
 60a1317dc5fda12d07d3ab93e5c3f21e 67456 net standard 
bind9-host_9.9.5.dfsg-9+deb8u7_amd64.deb
 b3a35f4154c6cff4e0411103410f6dc7 1230914 libdevel optional 
libbind-dev_9.9.5.dfsg-9+deb8u7_amd64.deb
 f0fe289a501b2fd13c067c1e1a3ffb25 43034 libs standard 
libbind9-90_9.9.5.dfsg-9+deb8u7_amd64.deb
 002c0ba669bce7f249133f5e441b2212 679836 libs standard 
libdns100_9.9.5.dfsg-9+deb8u7_amd64.deb
 6cb086c5eb56fc4252131c2217f7f215 168084 libs standard 
libisc95_9.9.5.dfsg-9+deb8u7_amd64.deb
 0ae37bc4600214e0a693096827c6c77b 52678 libs standard 
liblwres90_9.9.5.dfsg-9+deb8u7_amd64.deb
 976b1efe98995e4600a479b426c39059 36326 libs optional 
libisccc90_9.9.5.dfsg-9+deb8u7_amd64.deb
 3e6acb8e5b935ae8e223bd7c2e9e4647 56894 libs optional 
libisccfg90_9.9.5.dfsg-9+deb8u7_amd64.deb
 65ff25c0467fe745e30c67cc2264c521 118648 net standard 
dnsutils_9.9.5.dfsg-9+deb8u7_amd64.deb
 152d1364e4f60dcf72bdeeffecabc865 231210 net optional 
lwresd_9.9.5.dfsg-9+deb8u7_amd64.deb
 54c1161f95a4ed83a133b2e2567b5237 829602 libdevel optional 
libbind-export-dev_9.9.5.dfsg-9+deb8u7_amd64.deb
 da2b4efb39c297f33e54d3bbe82097e2 456102 libs optional 
libdns-export100_9.9.5.dfsg-9+deb8u7_amd64.deb
 09f4f77f0f21dbfd2a6d3ddfd471d666 434026 debian-installer optional 
libdns-export100-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 2107da2a60a0f217c95ef3bf323b3930 140402 libs optional 
libisc-export95_9.9.5.dfsg-9+deb8u7_amd64.deb
 dc3477f7d75d7877d0e2263b044d0749 117278 debian-installer optional 
libisc-export95-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 9e1ab1fd29f6c8069e80491e8e7a33b1 40522 libs optional 
libisccfg-export90_9.9.5.dfsg-9+deb8u7_amd64.deb
 98b6895daf97257253f025596de7d587 17570 debian-installer optional 
libisccfg-export90-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb
 8edf7d0a34ee1811ade981e0a9c58c9c 38234 libs optional 
libirs-export91_9.9.5.dfsg-9+deb8u7_amd64.deb
 7add895d3896f56f28b6747fa68aaa2a 15360 debian-installer optional 
libirs-export91-udeb_9.9.5.dfsg-9+deb8u7_amd64.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJX6sAAAAoJEL97/wQC1SS+kL8H/14Rq/UycFfxiRP31kPB/S0g
rzLA7YK6+PgMRAzOjpbENgRKL4fmoPdg2ak2mF4dOLWpR+0u3a1+A49OhlWKK+ra
qBLvEwCDG1pakxp33TgfODN4iFvMSJ9IzntJ9BJtGtU1dRclYmpAmdfu/UA7HyOb
fOMovPV/spO5alxGoyHJVOmrb9OR9G4bNqpfnqgdNsCHFze0DubmAWIErOLOjDjp
3xWB6PX9QyCXxSvDs6vVHRW2HgvSU4S3bWRRTLKWO/RPdw2lObnG9+IBpfxcvl/5
VGMmmciZKxbDWIhjGSNCrbA2Hrz/f4v+nSNAjSDmshoYYewcHgIdL/0DAznSF0w=
=LlfB
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to