-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3511-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
March 09, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bind9
CVE ID         : CVE-2016-1285 CVE-2016-1286

Two vulnerabilites have been discovered in ISC's BIND DNS server.

CVE-2016-1285

    A maliciously crafted rdnc, a way to remotely administer a BIND server,
    operation can cause named to crash, resulting in denial of service.

CVE-2016-1286

    An error parsing DNAME resource records can cause named to crash,
    resulting in denial of service.

For the oldstable distribution (wheezy), these problems have been fixed
in version 9.8.4.dfsg.P1-6+nmu2+deb7u10.

For the stable distribution (jessie), these problems have been fixed in
version 9.9.5.dfsg-9+deb8u6.

For the testing (stretch) and unstable (sid) distributions, these
problems will be fixed soon.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQQcBAEBCgAGBQJW4IfBAAoJELjWss0C1vRzazMf/1ZculXzFJ55Y552ygS3+uBc
n1ZSKa1BTQB7LuZ/wfHY3yDNXkXWQ9Ey5Rnj9QN6zJfOPnXCQ6RlvgNISMb/meHA
oOiw9IXtx0uKv5b7VGKGrEiin/l9TDUGVv7Z/d6P4gTjbQo70BdC1+UgLNJWP2jI
utUippaTlMto6WeXr8xS0orM7852PDWsSiWjLK216IgsWgUMlfRE1vS/UwSBwN6j
xZHl5xhhb2Qs0vORGq//h5Y5umBA92rW6wG1vmOOGGIScYjKIJVH+fYKaJOQl6Y7
aRVpnvdZmSgbU/uglSjhlvx9BICjfsV+cAAvNY0OY3G7bmYMAEtQQThCRheQRSui
K2z02qVZ4YAXiyfNjCkrO2J3B1xo7C5kVzGt/hcn7vjeMsfJlTBd/ppcAwWhLYrw
BspXLhn122QDjqAS+wL64MtSz9gWKgQi49bEsVNRYmqpt20RBs0stMqU/DHxJhCu
L3eCQuuBTzOyD8aTJ2c1KvGi9J8l7+D9TNcvg2BBudDpoyNvpxGz1ppNnzGQENN5
kNR701pSude+8OSFrGnK9JUmt1ap4WNKWaUcIMZG2f9fBm8tdMWgp8iqou+Hiv0A
WlX1anODSWiCX5+T1u84AsoNZrYxyOPr6h3cOAEyqy6dJVslJw5xvmsq6x0GYVy+
84oJVY4sV8WLL4jyqIeWLaAp/GcKKyhD0liEgDrO5GZ/BAVCLCu4466XVNx8mPsc
QFLx7vjHv8eF9slrAw6beJ4Qulw/bEefn6OL2PC1Ic1EJSJ2VaHhC4dwhLSduLau
DXjbeYBKpk8n5jukTrIrusKqTlgDqtoNC8TRx9giBXUfP9PYexAleO4fMT35UYN3
FKcpwwjLD5wcOjc3aVEhZdaV9rbTcIwuPxXg3qsZLXH5RXn9FwgbyaXvmoxoCsf0
6gyOVF5ZlOuxM2ZoBdVwExZVys8yM0ledJAaChV93CWENRxJKOzO06CcqKRfmJxa
aDwza5tcIx6yAFx6990LGFdAns7hPLi245pElO5AU16DNcHSbiSsEIdjt3h3S+/F
vJHb9VvghVmO71XaLCxV2fXdsYMNnOKGheEXlC4F4yBPn10di8U57uyB8NKJ8Tgv
W9r+6oeh9kVP/4KN8kvLmQWShgFrBPhbsuw3UPz9UnEYiFjlMRuTdP/TaYeroPJs
k+Q/+72K69UQizKJ9UtkPoqI2Tn3I7zptDMGRsr5Pmil2+nx8xkRK3VK5BSDqkkK
MEeY7zStrxqy/u+J4Uqf9XkgXnLMTkjv9UxFBp8D5e4Ao0Xk/LMo76ZJZuahqYtO
fQw1Xbb11+cSBtER67gG48v/2kjHZINqKyIG17/SofTfOusSiLgOCRKgLkrod+8=
=wSXP
-----END PGP SIGNATURE-----