[Secure-testing-commits] r51424 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue May 9 04:51:44 UTC 2017 

Author: carnil
Date: 2017-05-09 04:51:43 +0000 (Tue, 09 May 2017)
New Revision: 51424

Modified:
   data/CVE/list
Log:
bind9 fixed in unstable for #860224, #860225 and #860226

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-05-09 04:23:15 UTC (rev 51423)
+++ data/CVE/list	2017-05-09 04:51:43 UTC (rev 51424)
@@ -16439,12 +16439,12 @@
 	- bind9 <not-affected> (RHEL6 specific)
 CVE-2017-3138 [named exits with a REQUIRE assertion failure if it receives a null command string on its control channel]
 	RESERVED
-	- bind9 <unfixed> (bug #860226)
+	- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860226)
 	NOTE: https://kb.isc.org/article/AA-01471
 	NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=a636604b20cc0aaabc8edbb7595f7c1c820b7610
 CVE-2017-3137 [A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME]
 	RESERVED
-	- bind9 <unfixed> (bug #860225)
+	- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860225)
 	NOTE: https://kb.isc.org/article/AA-01466
 	NOTE: Additional information for backporting patch: http://www.openwall.com/lists/oss-security/2017/04/17/5
 	NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=69fd759b4aa02047e42e5cf4227f8257c4547988
@@ -16452,7 +16452,7 @@
 	NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=7ab9e8e00775782d474522a5b2bffba8daefefa5 (regression fix)
 CVE-2017-3136 [An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"]
 	RESERVED
-	- bind9 <unfixed> (bug #860224)
+	- bind9 1:9.10.3.dfsg.P4-12.3 (bug #860224)
 	NOTE: https://kb.isc.org/article/AA-01465
 	NOTE: Fixed by (9.10.x): https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commitdiff;h=764240ca07ab1b796226d5402ccd9fbfa77ec32a
 CVE-2017-3135 [Assertion failure when using DNS64 and RPZ can lead to crash]

More information about the Secure-testing-commits mailing list