Bug#889285: bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858

2018-02-07 Thread Roberto C . Sánchez
On Sat, Feb 03, 2018 at 05:17:01PM +0100, Salvatore Bonaccorso wrote: > > The bug was about CVE-2017-3137, it's never a good idea to mix up > things ;-). This is true. However, it appears that Ondrej Zary's comment to #860225 on 2017-09-02 is in fact related to CVE-2017-3139. Since one of the b

Bug#889285: bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858

2018-02-03 Thread Salvatore Bonaccorso
Control: retitle -1 bind9: assertion failure in validator.c:1858 Hi On Sat, Feb 03, 2018 at 11:12:30AM +0100, Vladislav Kurz wrote: > This is a followup to archived bug #860225. > > Although > https://security-tracker.debian.org/tracker/CVE-2017-3139 states that > debian is not affected by CVE-2

Processed: Re: Bug#889285: bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858

2018-02-03 Thread Debian Bug Tracking System
Processing control commands: > retitle -1 bind9: assertion failure in validator.c:1858 Bug #889285 [bind9] bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858 Changed Bug title to 'bind9: assertion failure in validator.c:1858' from 'bind9: CVE-2017-3139 affects debian

Bug#889285: bind9: CVE-2017-3139 affects debian too

2018-02-03 Thread Roberto C . Sánchez
On Sat, Feb 03, 2018 at 02:37:14PM +0100, Vladislav Kurz wrote: > Hello LTS team, > > please have a look at > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889285 > > I think it is the same bug as CVE-2017-3139 which was considered to affect > only RedHat, but it seems to affect debian wheezy

Processed: Re: [Pkg-dns-devel] Bug#889285: bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858

2018-02-03 Thread Debian Bug Tracking System
Processing control commands: > tags -1 +wheezy Bug #889285 [bind9] bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858 Added tag(s) wheezy. -- 889285: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889285 Debian Bug Tracking System Contact ow...@bugs.debian.org wit

Bug#889285: [Pkg-dns-devel] Bug#889285: bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858

2018-02-03 Thread Ondřej Surý
Control: tags -1 +wheezy You should probably contact the Debian LTS team as it affects wheezy that’s maintained by LTS Team. Ondrej -- Ondřej Surý > On 3 Feb 2018, at 11:12, Vladislav Kurz wrote: > > Package: bind9 > Version: 1:9.8.4.dfsg.P1-6+nmu2+deb7u19 > Severity: grave > Tags: security

Bug#889285: bind9: CVE-2017-3139 affects debian too: assertion failure in validator.c:1858

2018-02-03 Thread Vladislav Kurz
Package: bind9 Version: 1:9.8.4.dfsg.P1-6+nmu2+deb7u19 Severity: grave Tags: security Justification: renders package unusable Dear Maintainer, This is a followup to archived bug #860225. Although https://security-tracker.debian.org/tracker/CVE-2017-3139 states that debian is not affected by CVE-