-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3449-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 19, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bind9 CVE ID : CVE-2015-8704 It was discovered that specific APL RR data could trigger an INSIST failure in apl_42.c and cause the BIND DNS server to exit, leading to a denial-of-service. For the oldstable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9. For the stable distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u5. We recommend that you upgrade your bind9 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWnp/jAAoJEAVMuPMTQ89E180QAIeJ/iEoF9HCtcUrkC0eBL/e /YXFKTW11jMzCGK6Q31jglKfs7DZzA67TxCi2fstwQqwlGON/mB/Nowc1ihF1aso k24emGiBLRHQxBvptKN6wMZYpqUMnNpVybhD6/CRsscH+5PsD5ZQ9yQcn+it4bx1 lkasndFxygkp7t2nZvgOD49oQHy/n82IVNiHumbiOag5PIEDYrTvMMfHBy/1TxNX Y6njcPdOV8/5zfvVMBo93i3lF32UzO2Bffm1uF4ye+Nm7BVZ3Q7hDf65U14sHQMR RF2jy+vsAHtBeyOLezrEZoPRZnj+C6aV+xfiTdxNUUpeoZ5sbbmgXJ0kUzgn7UoL q1nqf0ZrhZ2Ztj/mPBUSNCagjuM/8L1qe4AN4VF1+oAWtmODZiEk0jUDXpGNHARf p1wLHk0wlsAvj2rLlP2JnAup3J8XLdDSPCgQcyOrWWXK9lW5jWRATqxJw2EfSKrg asNjLKxZv6XlNPdw+AiA+91yX2MbktnFIZiK4f8vlFieSFNDmdKGT2ZDGkUvywLi pIsje6AcHAwL9dJ/eNzCraFRpnnEHB6WGsVuEvUsMh6udk+d3gyiFrAnlm1e7ojI b9rfBBNIMWmQ9EbHqBtBi7VDkNXQZB8KKPvzJdryqt2VZBxqTWL/tL6hmK+ChDIY yOfHZrumRzImPkp9GvF9 =0lEC -----END PGP SIGNATURE-----