[Pkg-dns-devel] Bug#830806: Bug#830806: nsd: CVE-2016-6173: Improper restriction of zone size limit
Salvatore Bonaccorso
carnil at debian.org
Mon Jul 11 18:48:41 UTC 2016
Hi Ondrej,
On Mon, Jul 11, 2016 at 08:36:07PM +0200, Ondřej Surý wrote:
> Hi Salvatore,
>
> the common agreement between DNS Vendors (that includes me) is that this
> shouldn't have been assigned CVE as it is an operational issue as you
> have an established trust between DNS master-slave for transfers. (And
> all DNS servers are affected.)
>
> I don't think this really needs update in stable, but I would like to
> hear whether you think otherwise.
No I completely agree, we actually have marked all those already as
no-dsa (for src:nsd, src:pdns, src:bind9 and src:knot). But filling
those as well in BTS to have the reference in BTS.
Thanks for your quick response, amazing :-)
Salvatore
More information about the pkg-dns-devel
mailing list