[dns-operations] Remote crash in Bind9 (in Debian)
Stephane Bortzmeyer
bortzmeyer at nic.fr
Wed Jul 29 07:19:40 UTC 2009
On Tue, Jul 28, 2009 at 08:24:45PM +0000,
Ond?ej Surý <ondrej.sury at nic.cz> wrote
a message of 22 lines which said:
> For all of you who are not aware, there is a way how to crash bind9
> (in Debian?) via specially crafted packet:
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538975
The bug has been closed because a patched BIND is available in Debian
"unstable" but there is still nothing for Debian "stable" so most
production sites are still vulnerable :-(
No advisory appear here:
http://www.debian.org/security/
:-(
More information about the dns-operations
mailing list