[Secure-testing-team] Bug#735190: bind9: CVE-2014-0591: A Crafted Query Against an NSEC3-signed Zone Can Crash BIND
Salvatore Bonaccorso
carnil at debian.org
Mon Jan 13 17:19:41 UTC 2014
Package: bind9
Severity: grave
Tags: security upstream fixed-upstream
Hi,
the following vulnerability was published for bind9.
CVE-2014-0591[0,1]:
A Crafted Query Against an NSEC3-signed Zone Can Crash BIND
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591
http://security-tracker.debian.org/tracker/CVE-2014-0591
[1] https://kb.isc.org/article/AA-01078
Please adjust the affected versions in the BTS as needed. (From the
versions, all bind9 versions in Debian oldstable, stable and unstable
should be affected).
Regards,
Salvatore
More information about the Secure-testing-team
mailing list