Hello Jon, We prioritized this as vulnerability as a 'low'[0] issue, so we're unlikely to issue an update for this issue until either more issues in dnstracer are discovered or perhaps if someone prepares an update that we can sponsor.
Do you rely upon calling this tool in an unsafe manner in one of your tools? Or, does one of our tools in main call this tool in an unsafe manner? Thanks 0: https://people.canonical.com/~ubuntu- security/cve/2017/CVE-2017-9430.html ** Information type changed from Private Security to Public Security ** Changed in: dnstracer (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1734279 Title: CVE-2017-9430 on Dnstracer 1.9 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnstracer/+bug/1734279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
