Univention Bugzilla – Bug 42590
bind9: Denial of service (3.2)
Last modified: 2016-10-20 13:15:52 CEST
Upstream Debian package version 1:9.8.4.dfsg.P1-6+nmu2+deb7u11 fixes * buffer.c in named does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. (CVE-2016-2776) Not affected by CVE-2016-2775.
r16776 | bind9 Package: bind9 Version: 1:9.8.4.dfsg.P1-6+nmu2.113.201610101547 Branch: ucs_3.2-0 Scope: errata3.2-8 r73049 | Bug #40319: bind9 YAML bind9.yaml => SELECT DISTINCT binver,major,minor,patch,scope FROM binpkg WHERE binpkg='bind9' AND (major=3 AND minor>=2 OR major>=4) ORDER BY major,minor,patch,scope ASC NULLS FIRST; binver | major | minor | patch | scope -----------------------------------------+-------+-------+-------+-------- 1:9.8.0.P4-1.102.201307290920 | 3 | 2 | 0 | 1:9.8.4.dfsg.P1-6+nmu2.113.201508061528 | 3 | 2 | 6 | errata 1:9.8.4.dfsg.P1-6+nmu2.113.201508061528 | 3 | 2 | 7 | 1:9.8.4.dfsg.P1-6+nmu2.113.201610101547 | 3 | 2 | 8 | errata 1:9.8.4.dfsg.P1-6+nmu2.113.201603012216 | 3 | 3 | 0 | 1:9.8.4.dfsg.P1-6+nmu2.113.201610101550 | 3 | 3 | 0 | errata 1:9.8.4.dfsg.P1-6+nmu2.108.201411010114 | 4 | 0 | 0 | 1:9.8.4.dfsg.P1-6+nmu2.109.201501200840 | 4 | 0 | 0 | errata 1:9.8.4.dfsg.P1-6+nmu2.109.201501200840 | 4 | 0 | 1 | 1:9.8.4.dfsg.P1-6+nmu2.114.201508061539 | 4 | 0 | 2 | errata 1:9.8.4.dfsg.P1-6+nmu2.114.201508061539 | 4 | 0 | 3 | 1:9.8.4.dfsg.P1-6+nmu2.115.201610101551 | 4 | 1 | 3 | errata 1:9.9.5.dfsg-9+deb8u6 | 4 | 2 | 0 |
Jenkins tests have been started: http://jenkins.knut.univention.de:8080/job/UCS-3.2/job/UCS-3.2-8/job/AutotestJoin/6/
root@master321:~# apt-cache policy bind9 bind9: Installiert: 1:9.8.4.dfsg.P1-6+nmu2.120.201607011019 Kandidat: 1:9.8.4.dfsg.P1-6+nmu2.120.201607011019 Versionstabelle: *** 1:9.8.4.dfsg.P1-6+nmu2.120.201607011019 0 500 http://updates.software-univention.de/3.2/maintained/component/ 3.2-8-errata/amd64/ Packages 100 /var/lib/dpkg/status 1:9.8.4.dfsg.P1-6+nmu2.113.201610101547 0 500 http://updates-test.software-univention.de/3.2/maintained/component/ 3.2-8-errata-test/amd64/ Packages
Package: bind9 Version: 1:9.8.4.dfsg.P1-6+nmu2.121.201610141703 Branch: ucs_3.2-0 Scope: errata3.2-8 r73253 | Bug #40319: bind9 YAML bind9.yaml FYI: All other bind9 versions were rebuilt as well as each UCS release has a different version of OpenSSL - I did a successful update from 3.2 → 3.3 → 4.1
(In reply to Philipp Hahn from comment #4) > Package: bind9 > Version: 1:9.8.4.dfsg.P1-6+nmu2.121.201610141703 > Branch: ucs_3.2-0 > Scope: errata3.2-8 > > r73253 | Bug #40319: bind9 YAML > bind9.yaml > > FYI: All other bind9 versions were rebuilt as well as each UCS release has a > different version of OpenSSL - I did a successful update from 3.2 → 3.3 → 4.1 OK, works now.
<http://errata.software-univention.de/ucs/3.2/449.html>