Your message dated Thu, 14 Jun 2018 14:54:40 +0000 with message-id <e1ftte4-00007j...@fasolo.debian.org> and subject line Bug#901483: fixed in bind9 1:9.11.3+dfsg-2 has caused the Debian Bug report #901483, regarding bind9: CVE-2018-5738: improperly permits recursive query service to unauthorized clients to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 901483: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: bind9 Version: 1:9.11.3+dfsg-1 Severity: grave Tags: security upstream Justification: user security hole Hi, The following vulnerability was published for bind9, affecting the version present in unstable (older suites do not include the upstream change #4777). CVE-2018-5738[0]: |Some versions of BIND can improperly permit recursive query service to |unauthorized clients If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-5738 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738 [1] https://kb.isc.org/article/AA-01616/0/CVE-2018-5738 Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: bind9 Source-Version: 1:9.11.3+dfsg-2 We believe that the bug you reported is fixed in the latest version of bind9, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 901...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý <ond...@debian.org> (supplier of updated bind9 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 14 Jun 2018 13:01:47 +0000 Source: bind9 Binary: bind9 bind9utils bind9-doc bind9-host libbind-dev libbind9-160 libdns1100 libirs160 libisc169 liblwres160 libisccc160 libisccfg160 dnsutils libbind-export-dev libdns-export1100 libdns-export1100-udeb libirs-export160 libirs-export160-udeb libisc-export169 libisc-export169-udeb libisccc-export160 libisccc-export160-udeb libisccfg-export160 libisccfg-export160-udeb Architecture: source Version: 1:9.11.3+dfsg-2 Distribution: unstable Urgency: medium Maintainer: BIND 9 Package <bi...@package.debian.org> Changed-By: Ondřej Surý <ond...@debian.org> Description: bind9 - Internet Domain Name Server bind9-doc - Documentation for BIND bind9-host - DNS lookup utility (deprecated) bind9utils - Utilities for BIND dnsutils - Clients provided with BIND libbind-dev - Static Libraries and Headers used by BIND libbind-export-dev - Development files for the exported BIND libraries libbind9-160 - BIND9 Shared Library used by BIND libdns-export1100 - Exported DNS Shared Library libdns-export1100-udeb - Exported DNS library for debian-installer (udeb) libdns1100 - DNS Shared Library used by BIND libirs-export160 - Exported IRS Shared Library libirs-export160-udeb - Exported IRS library for debian-installer (udeb) libirs160 - DNS Shared Library used by BIND libisc-export169 - Exported ISC Shared Library libisc-export169-udeb - Exported ISC library for debian-installer (udeb) libisc169 - ISC Shared Library used by BIND libisccc-export160 - Command Channel Library used by BIND libisccc-export160-udeb - Command Channel Library used by BIND (udeb) libisccc160 - Command Channel Library used by BIND libisccfg-export160 - Exported ISC CFG Shared Library libisccfg-export160-udeb - Exported ISC CFG library for debian-installer (udeb) libisccfg160 - Config File Handling Library used by BIND liblwres160 - Lightweight Resolver Library used by BIND Closes: 899959 901483 Changes: bind9 (1:9.11.3+dfsg-2) unstable; urgency=medium . * [CVE-2018-5738]: Add upstream fix to close the default open recursion (Closes: #901483) * Change the maintainer address (Closes: #899959) Checksums-Sha1: 47625ba3ef08c3b0e38a7d51945ade02569f67d8 3933 bind9_9.11.3+dfsg-2.dsc 1d9dbeab8b74bb5c45d81a73bb7bae313bfd9580 82192 bind9_9.11.3+dfsg-2.debian.tar.xz 1ec75d21d36d37d64de0dd5cae3fdc10a3cdf86e 19444 bind9_9.11.3+dfsg-2_amd64.buildinfo Checksums-Sha256: 4fdeb2fa8b7f960936d6a997cb566230fbe218fa3b7979567bb3357df90bb2bc 3933 bind9_9.11.3+dfsg-2.dsc d1c471b2d51766c3accd54bd951746f778f33b70748d590a0aa9920dec8184fe 82192 bind9_9.11.3+dfsg-2.debian.tar.xz fb120f39b62af6b6e22802c098086d88cf2508f853b3145f910e4136241881e0 19444 bind9_9.11.3+dfsg-2_amd64.buildinfo Files: 104e420713661d35b798057a231f478f 3933 net optional bind9_9.11.3+dfsg-2.dsc f46df22f096e886088649c29a7f11bc2 82192 net optional bind9_9.11.3+dfsg-2.debian.tar.xz 3668337f1ba4272c1b778610134ba575 19444 net optional bind9_9.11.3+dfsg-2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAlsichtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcJJSA/9FGXVLymzQf9fKyGbS64dEzWGBB442rH9cJiSw3zzqS7BPro5MqbBOowf dJlu2IhyjWXBa2w+ejQPU/lLKFtgMV8aJka46f92rtW1jJOCDCmTwOCBvErbzmNF Yfeo8LZqDDqPJd64s+wS6iEEjpT8rqMnCkMSqvYWjcFfa3dWLzLRaisyf+HOTO4A 7dc4yOWUVWmSzoPMJmS4wik2m0VPu2R6txzr8EMu5+0o9/TOHuJa65gJLw5bBxGH S/JlURdx6VVXQRHkU11K6HC469Gm+h+kn97z/qPq+Els8O8vWkgYehP78b2tDwwu D7DL6Xy17tYFGSInwUAyIrF2uD23e7aWnrkXxgNuVOYVcKVoV5CBAjvPApJyiqnj 7+gfK5EWRi6nvl8cbOGEPQFpMyHFC4N4Rt/NUEOCBWeEBfzArllbWeo+umYS/l8/ h15dPkUiyhCHKFEqv8PeReAJva6HHmOMhGq6Ot7PIj47s6sI5osCxDI++vCmrlqg k2Njl5HYUn38030PLnaJpfiJ669Vcm/6Gp3INQkIPibijRXK28fK02LydbuXU2Qy Q04X13nadv6rWXWax7dDbMIS6jq2s5B7srgTtDSjwcjasPoFRcEAJF+wMdrLT5Xo nbztUL8fxZeBHh8HUme+OPS41m9UIMn8QV8o6+7iUcwZ8ZJK0OM= =9bD7 -----END PGP SIGNATURE-----
--- End Message ---
